Table of Contents
A. Enable Internal LDAP
B. Create Internal LDAP Users and Groups
C. Add the Internal LDAP User to the Samba User List
D. Default Folder Anonymous Permissions
E. Adding Permissions to the NAS Gateway SMB Share

Scope

The purpose of this article is to provide an A-Class SAN administrator the appropriate instructions on using the Promise Internal LDAP server module.

Internal and External LDAP servers cannot be enabled at same time. There are three LDAP statuses:

  1. Internal LDAP enabled while External LDAP is disabled
  2. Internal LDAP disabled while External LDAP is enabled
  3. Internal and External LDAP servers are both disabled

 A. Enable Internal LDAP

  1. Go to the Administration tab and go to LDAP Settings.
  2. Select Enable Internal LDAP Server


B. Create Internal LDAP Users and Groups
In the A-Class GUI, if the internal LDAP is enabled, the administrator can create LDAP users and groups under tab "User Management" and "Group Management" respectively.

Create Internal LDAP Group

  1. Click "Add LDAP Group" under the gear icon in tab "Group Management"
  2. Input the Group Name in popup window.
  3. Click the Save button.




Create Internal LDAP User

  1. Click "Add New User" under the gear icon in tab "User Management"
  2. Select Internal LDAP
  3. Input the user’s name 
    (This will automatically update the Display Name and Surname)
  4. Enter the user’s password.
  5. Click the Save button.




C. Add the Internal LDAP User to the Samba User List

  1. Using your web browser, enter the Virtual IP Address of the NAS Gateway Cluster to access the Promise NAS Gateway Samba Login Tool.
  2. You can retrieve the Virtual IP Address of the cluster by going to NAS Gateway > Detail.


  3. Enter the user's credentials that you will be authenticating and Login:
    If you don’t execute this step, your Internal LDAP users will not be able to access the SMB share. 

  4. You will receive a message stating that the user has been successfully authenticated.

D. Default Folder Anonymous Permissions

  1. Go to the NAS Gateway tab and go the Detail
  2. Ensure that the Default Folder Anonymous Permissions is set to: No Anonymous User
  3. Click the pencil edit icon set the No Anonymous User permission and click Save:



E. Adding Permissions to the NAS Gateway SMB Share

  1. Go to NAS Gateway > Mount Point.
  2. Click the gear and select Folder Share:

  3. You can set permissions by User or Group.
    A. User = Read-Write Example:

    B. Group = Read-Write Permission Example
  4. Click Submit to save the changes and you will receive the following notification message:

Related Articles:
Disable SMB Signing on OS X (10.11.5 > 10.12.x)
Unable to Save File on the NASGW from a File Created by a FC Client - Internal/External LDAP Configurations
VTrak G-Class NAS Gateway Firmware Release Notes

Contact Promise Technology Support
Need more help? Save time by starting your support request online and a technical support agent will be assigned to your case.

Promise Technology Technical Support >