Configuration of AIX Fast Connect and SMBFS

Document options Document options requiring JavaScript are not displayed Rate this page Help us improve this content

Level: Intermediate

Divya Vikas (dipraksh@in.ibm.com), Software Engineer, IBM
Uma Chandolu (uchandol@in.ibm.com), Software Engineer, IBM
Puneet Mahajan (pmahajan@us.ibm.com), Software Engineer, IBM

18 Dec 2007

Follow along with this quick reference guide to configure AIX® Fast Connect and SMBFS on AIX and Windows®.

Introduction

The Common Internet File System (CIFS), also known as Server Message Block (SMB), is a standard remote file system access protocol over the Internet, enabling groups of users to work together and share documents and printers across the Internet or within corporate intranets. CIFS allows multiple clients to access and update the same file, while preventing conflicts with sophisticated file sharing and locking semantics. It also permits aggressive caching and read-ahead and write-behind without loss of cache coherency, thereby increasing the performance, which is the backbone of today's sophisticated enterprise computer networks. CIFS complements HTTP and provides more sophisticated file sharing and file transfer than older protocols, such as FTP.

File sharing between PC operating systems, such as Windows®, is commonly implemented using the CIFS protocol, and file sharing between AIX® systems has been implemented using the Network File System (NFS) protocol. Since these two protocols being non-interoperable, products like AIX Fast Connect and AIX SMBFS allow PC clients to access and share files on the AIX server and vice versa.

Overview of AIX Fast Connect

AIX Fast Connect is server software that allows AIX servers to share files and printers with personal computer clients running the following Windows operating systems:

• Windows XP
• Windows 2000
• Windows 2003
• Windows NT
• Windows 98Windows

• A rich set of security features
• High performance (SendFile API support and memory-mapped files )
• File safety specifications (so that multiple machines can access the same file without locking problems and opportunistic locking)
• Maintenance and administration using the System Management Interface Tool (SMIT)
• Secure authentication techniques (AIX-based user authentication, NT pass-through authentication, Lightweight Directory Access Protocol (LDAP) support for user authentication, Kerberos-based authentication, and CIFS password encryption protocols)

Note: AIX Fast Connect supports AIX 5.1 and above.

Installation requirements

Install the following filesets to configure AIX Fast Connect:

Starting the Fast Connect server

There are two ways in which you can start the Fast Connect server:

1. Using SMIT
2. Using the command line

Using SMIT

1. Enter smitty smb.
   
   Figure 3. Using SMIT
   
   
   
2. Select the Start Server.
3. In the next screen, the command completes and displays the following message:

   Server servername has started successfully on servername

   
   

Using the command line

1. Enter net start /load.
2. To verify, run the following:

   #ps -eaf | grep cifs root 503820 1 0 Aug 23 - 0:00 /usr/sbin/cifsUserProc root 565300 1 0 Aug 23 - 0:12 /usr/sbin/cifsServer root 823380 757910 0 12:55:44 pts/2 0:00 grep cifs

   
   

   These two processes, associated with Fast Connect, are responsible for the SMB request and response:

   • cifsServer is the main server daemon; it is a main server process owned by root.
   • cifsUserProc is a client session daemon; there is one cifsUserProc for each session. For every new request to the AIX Fast Connect server from the Windows client, a new cifsUserProc thread is created.

Defining shares

There are two ways in which you can add a new file system share:

1. Using SMIT
2. Using the command line

Using SMIT

1. Enter the following command: #smitty smb.
2. Select Server Shares > File Systems (Shared Volumes) > Add File Systems (Shared Volumes).
   
   Figure 4. Adding file systems
   
   
   

Using the command line

1. Enter the following command:

   #net share /add /type:f /netname:TEST /path:/home/divya /desc:"File share test"

   
   

Configuration of encrypted passwords and defining a user

When the AIX Fast Connect server is configured for encrypted passwords, AIX Fast Connect attempts to authenticate all incoming SMB usernames and encrypted_password logins against the AIX Fast Connect /etc/cifs/cifsPasswd file. This file, initialized and maintained by the net user command, is a database of AIX Fast Connect users (and their encrypted passwords).

All AIX Fast Connect users defined by the net user command should be AIX users.

The passwords of the Fast Connect users are distinct from (and might differ from) the standard AIX passwords in the /etc/security/passwd file. When an AIX user changes their password (using /usr/bin/passwd), the AIX Fast Connect password for that user does not automatically change.

• To enforce encrypted passwords for AIX Fast Connect, type:

  #net config /encrypt_passwords:2

  
  
• To configure a new user for encrypted passwords, type:

  #net user username password /add

  
  Or

  #net user username -p /add

  
  The -p flag prompts for a no-echo password.
  
• To change a user's encrypted password and also update that user's AIX password, type:

  #net user username password /changeaixpwd:yes

  
  Or

  #net user username -p /changaixpwd:yes

  
  

Once the above configurations are done, stop and start the server.

• To stop the server and unload the server daemon, type:

  #net stop /unload

  
  
• To load the server daemon and enable PC clients to connect, type:

  #net start /load

  
  

Now the Fast Connect server is ready to allow PC clients to connect and access the exported file shares.

Mapping drives from the PC clients

Typically, PC clients must define drive mappings to use the CIFS exported file shares. These drive mappings can be done from Windows or from the DOS command prompt.

You can use the following mechanisms to define or undefine mappings between PC drives and CIFS file shares. For the following examples, assume that the NetBIOS server name is indus19.in.ibm.com and that file shares test, test1, is defined.

For DOS, enter the following:

	
DOS> net help (help info for DOS)
DOS>net use F: \\indus19.in.ibm.com\test /user:tstuser tstpass
DOS>net use H: \\indus19.in.ibm.com\test1 (When username and password is not 
specified in the command line, then a pop window appear asking for the username
and the password)
 DOS> copy F:\oldfile H:\newfile (uses the mapped drives) 
 DOS> net use F: /delete (delete the mapped network drive) 

For Windows, do the following:

1. In the Map Network Drive dialog box, select Windows Explorer > Tools > Map Network Drive, or right-click Network Neighborhood and select Map Network Drive.
2. Select the drive from the Drive: drop-down list, and then Enter the path. For example, see Figure 5 below.
   
   Figure 5. Mapping drives
   
   
   
3. To access the exported CIFS filesystems from Windows(Y:\), see Figure 6 below:
   
   Figure 6. Accessing the exported CIFS filesystems from Windows
   
   
   

Here are some other useful commands:

• To query the server's operational status, type:

  #net status

  
  
• To show general configuration information, type:

  #net config

  
  
• To show statistical information (for example, packets delivered), type:

  #net statistics

  
  

  You can reset the statistics counts by typing net statistics /reset on the command line.

• To query the status of logged-in user sessions, type:

  #net session

  
  
• To list all shares currently exported by the CIFS server, type:

  #net share

  
  
• To list all users configured in the /etc/cifs/cifsPasswd file, type:

  #net user

  
  
• To delete a user from the encrypted passwords database, type:

  #net user username /delete

  
  

Overview of SMBFS

AIX SMBFS is the client software that allows AIX servers to mount shares and exports from the SMB server like Windows XP, Windows 2003, Windows 2000, Windows NT, or Windows 98 operating systems into the AIX Virtual File System (VFS). This eliminates the need to install the NFS servers on the PC clients and to enhance the file sharing between SMB servers and AIX through the VFS interface.

Components that make SMBFS

• The device driver for a pseudo device—This driver allows SMBFS to communicate with the SMB server in case it needs to initiate a reconnection or finish receiving a multi-packet response without the need to stop all threads that are performing file operations.
• The file system interface—This interface supports VFS and vnode operations.
• The SMB interface—This interface generates and retrieves SMB information.

Basic configuration

AIX SMBFS requires the installation of the following filesets:

1. On the server side, share the folder that has to be exported to AIX. Right-click on Select Sharing and Security > Share this Folder > Permissions tab > Check all the permissions - Full control, Change, and Read > Apply and OK.
   
   Figure 7. Sharing a folder
   
   
   tstcifs is the shared folder, and the share name is tstcifs.
   
   Figure 8. The shared folder
   
   
   
2. On the client side, execute the following to mount the shares of the windows:
   • Enter the following to ensure that the nsmb0 device is in the available state. The device is a pseudo device that helps SMBFS to communicate with the SMB server (Windows):

     #lsdev -l nsmb0

     
     
   • If the device is not present, run /etc/mkcifs_fs, which creates the nsmb0 device and brings it to the available state.
     
     
   • Run the following to create a mount point and give the full permission to the mount point.

     #mkdir /mnt #chmod 777 /mnt

     
     
   • Run the mount command:

     #mount -v cifs -n (servername)/username/password /(sharename) /(mountpoint)

     
     
   
   
   Figure 9. The shared folder
   
   
   The main functionality of the mount command is:
   1. To create a SMBIOD thread (It is the parent thread of SMBFS; It is a kernel thread that creates the session and manages the connection. It also helps in sending and receiving the requests and responses between the server and the client. Every mount performed on AIX has a corresponding smbiod thread.)
   2. To establish the network (NETBIOS) connection between the server and the client
   3. To create a TREE CONNECT (directory structure of Windows is put in the mount point of AIX box)

Resources

• AIX Fast Connect overview: Browse the AIX Fast Connect Version 3.2 Guide.
  
  
• Overview of Server Message Block: Get the overview of Server Message Block here.
  
  
• Popular content: See what AIX and UNIX® content your peers find interesting.
  
  
• AIX and UNIX: The AIX and UNIX developerWorks zone provides a wealth of information relating to all aspects of AIX systems administration and expanding your UNIX skills.
  
  
• New to AIX and UNIX?: Visit the "New to AIX and UNIX" page to learn more about AIX and UNIX.
  
  
• AIX Wiki: A collaborative environment for technical information related to AIX.
  
  
• Search the AIX and UNIX library by topic:
  • System administration
  • Application development
  • Performance
  • Porting
  • Security
  • Tips
  • Tools and utilities
  • Java™ technology
  • Linux®
  • Open source
  
  
• Safari bookstore: Visit this e-reference library to find specific technical resources.
  
  
• developerWorks technical events and webcasts: Stay current with developerWorks technical events and webcasts.
  
  
• Podcasts: Tune in and catch up with IBM technical experts.

• IBM trial software: Build your next development project with software for download directly from developerWorks.
  
  

• Participate in the developerWorks blogs and get involved in the developerWorks community.
  
  
• Participate in the AIX and UNIX forums:
  • AIX —technical forum
  • AIX 6 Open Beta
  • AIX for Developers Forum
  • Cluster Systems Management
  • IBM Support Assistant
  • Performance Tools—technical
  • Virtualization—technical
  • More AIX and UNIX forums
  
  

About the authors

		Divya Vikas is an AIX support specialist for SMBFS and Fast Connect software. She is part of IBM Systems and Technology Group for IBM Software Labs, India. Divya has provided active support to customers across the world on SMBFS and Fast Connect. You can reach her at dipraksh@in.ibm.com.

		Uma M. Chandolu works as a software engineer on the AIX Development Support Security team in Austin, Texas. He has three years of extensive hands-on experience in AIX environments, and he is one of the focal points in the AIX support security area. He has expertise in AIX system administration and other subsystems and has experience handling customer critical situations. You can reach him at uchandol@in.ibm.com.

		Puneet Mahajan is an advanced AIX technical support specialist with over seven years of experience in AIX system administration. He is currently the team lead of AIX remote support for Independent Software Vendors (ISV) at IBM Austin. You can reach him at pmahajan@us.ibm.com.

Rate this page

Please take a moment to complete this form to help us better serve you. Did the information help you to achieve your goal? Yes No Don't know   Please provide us with comments to help improve this page:   How useful is the information? 1 2 3 4 5 Not useful Extremely useful

Share this.... Digg this story del.icio.us Slashdot it!

Back to top