Monday, 14 October 2013

Set up Services for Network File System in Windows Server 2008

The Microsoft Services for NFS continues to be the part of the operating system in Windows Server 2008 and seems we will see more improvements when Windows Server 2008 R2 is released.
In Windows Server 2008, a major change from the Windows Server 2003 R2 is the elimination of User Name Mapping service. Although, you can still use an existing UNM server to fetch the UNIX Identity information on a Windows Server 2008 system, it doesn't provide an option to install it on W2K8 system.
The other and newer option to use is Active Directory Lookup that debuted with Windows Server 2003 R2 and is yet to get accepted widely.
Using this feature, you can configure the Server for NFS and Client for NFS to directly fetch the UNIX identity information from Active Directory. This feature simplifies the identity management because now you just have to populate the information in just your Active Directory backend and it can be used to identify the UNIX users accessing the Windows NFS shares.
There are some glitches with this feature that I'll talk about in a post of its own. For now, let's move on to find out how we can enable the NFS services on a Windows Server 2008 box.
You can install Services for Network File System using the Add Roles Wizard from the Server Manager. To install Services for Network File System feature, the File Server role must be installed if it has already not been done. If the File Server role has not been added already, you can add this role and the Services for Network File System feature in a single go.
To get started, start Server Manager and click on the Add Roles link to start the Add Roles wizard. After you have followed the screens below, the necessary components and services will be added to your system -

From now on, you can manage most of the server and client configuration option from the Services for Network File System MMC snap-in -

To configure how it should fetch the UNIX identity information, right click on the top most node in the left pane in this MMC snap-in and click on Properties. You will be presented with the following dialog box and you can make your choices to use Active Directory Lookup by providing your Active Directory domain name and/or the server name of the system running User Name Mapping service -

Note: Active Directory Lookup feature is RFC2307 compliant and will work only when you have populated the RFC2307 attributes for the user and group objects in Active Directory. The attributes uidNumber and gidNumber contain the unique UID and GID information for users and groups.
The sharing of the folders over NFS remains more or less same as seen in the following screen shots -
UNIX side activities after you have installed the Services for Network File System and have exported some folders over NFS

