IT Systems Engineering

Quick and dirty NFS share on Windows 2008 R2

February 19, 2013 /

I call it dirty because I allowed anonymous access to the NFS share. I tried the UID mapping thing but could not get it to work properly for multiple reasons. They had not enabled the NFS extensions in AD, so I could not use the AD authentication. The “unmapped UNIX user access” option worked only for giving access to the NFS share to only one Solaris server. Other Solaris servers could not write to the same share. Hence I broke down and enabled anonymous access.

So here is how to create a quick NFS share for allowing your Solaris brothers to send data to your Windows world.

On the Windows 2008 R2 Server do this:

First , you gotta enable a policy in the local security policy:

Network Access: Let Everyone permissions apply to anonymous users policy.

Then install these server roles:

  • File Server
  • Services for Network File System

Now that you have NFS installed, you can create an anonymous NFS share. Here is  how to do it:

  1. Inside server manager, expand “File Services” and go to “Share and Storage management”.
  2. Click Edit NFS Configuration on the right side.
  3. On the left side, click on “Use Services for NFS to Share Folders“
  4. Click on the button “Provision a shared folder wizard”
  5. Go through the wizard’s steps…
  6. Click on “Browse” button and choose the folder you wanna share via NFS.
  7. On the next page click on “No, do not change NTFS…”
  8. On the “Share Protocols” page, choose NFS. If you wish, you can share via SMB simultaneously.
  9. On the next page “NFS Authentication” choose “Allow anonymous access” and click on “edit” button. 
  10. Click on “full control”. This will grant full control permissions to everyone group. Click Next.
  11. Click Yes on the confirmation pop-up.
  12. On the next page click “Add “ button and add only those Solaris machines’ IP addresses which need to write to this share. This provides a little security. Make sure you change permissions to “Read-Write” and leave the “Allow root access…” unchecked.
  13. Click OK.
  14. Add more machines.
  15. When you have all your machines in there…click “Next”
  16. Click on “Create” button and it will create the NFS share.
  17. Click on “refresh” inside Share and Storage management to see the new NFS share you just created.
  18. Nothing more needs to be done on Windows side.

 

On each Solaris machine, do this:

  1. Change to root using the su command
  2. create a directory /mnt/SolarisDBDumps
  3. Mount your NFS share using the command:
  4. mount servername.domain.com:SolarisDBdumps /mnt/SolarisDBdumps
  5. The NFS share will be mounted as a nobody/nobody rights . All users on the server can now write to it.

Leave a Reply

Your email address will not be published. Required fields are marked *

Prove that you are a human *