Video Screencast Help

Does Symantec Data Insight fully support Network Appliance filer configuration with NFS in an environment without LDAP or Windows AD?

Created: 16 Apr 2014 • Updated: 28 May 2014
Language Translations
RodP's picture
0 0 Votes
Login to vote

In Symantec Data Insight (SDI) the configuration of the Network Appliance (NetApp) filer for discovery, scanning, auditing on NFS shares or shares in mixed mode of CIFS and NFS requires an authentication domain be configured under LDAP or AD.

 

Error

There is no error displayed but the Select Domain option box will only have the refresh button available.

 

Environment

NetApp ONTAPI

CIFS&NFS mixed mode shares

Local account Authentication

SDI 4.0 or later

Microsoft Windows Operating System

 

Cause

When configuring NFS SDI requires an authentication domain for configuration.

 

Solution

The SDI Administrator can configure SDI to run against NetApp NFS for monitoring without an actual LDAP domain, but they will have to configure one in SDI in order to enable the selection.

These steps will allow you to create a pseudo Directory Services Domain in SDI and add NFS monitoring / auditing configuration.

In the SDI console navigate  to Settings (1)

settings.jpg

Click on directory services (2)
Click Add new directory service (3)

DS.jpg

Select LDAP as your domain option (4)

 ldap.jpg

Create a pseudo LDAP server similar to below

conn1.jpg

 Do not test the connection.

Scroll to the bottom of the page and click Save.

Edit your existing NetApp filer configuration or add a new filer for which you deisre to Monitor NFS access events.

Click Settings, filers

filerN.jpg

Click name of existing filer

filerE.jpg

Then add the NFS auditing  by checking the box for monitoring during the NetApp filer configuration with the pseudo LDAP server.

nfs.jpg

 

When events get registered, they will look something like this

event.jpg

 Note: demonstration is showing nobody due to not having configured using users, rather utilizing IP allow lists.