Overview
This chapter explains how to access volumes, including CIFS shares, NFS exports, and FTP/SFTP directories. After you access volumes, you can get up and running quickly with the Nasuni Edge Appliance and start using it on your network as a NAS or SAN device.
Tip: With a new Edge Appliance in an account that already has remote volumes with Read/Write permissions, it can initially take up to 20 minutes before these remote volumes appear in the list of volumes. It takes time to fetch the necessary information for the remote volumes.
Tip: For Nasuni recommendations for volume configuration, see “Volume Configuration”.
Cloud Credentials
Before creating or using volumes, you must configure the Nasuni Edge Appliance to use the storage you have arranged for this purpose.
Nasuni enables customers to execute a multi-cloud IT strategy and select the most appropriate object storage for their business by offering support for the leading private and public cloud (aka BYOC) storage platforms, including Amazon Simple Storage Service (Amazon S3), Dell EMC Elastic Cloud Storage (ECS), Hitachi Content Platform (HCP), IBM Cloud Object Storage, and Microsoft Azure Storage.
Cloud credentials define the connection between the Nasuni Edge Appliance and the cloud object storage provider. They generally consist of the location of the cloud object storage provider, as well as access keys and identification.
Important: You must create and maintain your own cloud object storage account. Nasuni does not have access to your cloud object storage account.
Tip: In the Nasuni model, customers provide their own cloud accounts for the storage of their data. Customers should leverage their cloud provider's role-based access and identity access management features as part of their overall security strategy. Such features can be used to limit or prohibit administrative access to the cloud account, based on customer policies.
Tip: You must configure cloud credentials before adding a volume that uses those cloud credentials.
Tip: If you have a requirement to change Cloud Credentials on a regular basis, use the following procedure, preferably outside office hours:
Obtain new credentials. Credentials typically consist of a pair of values, such as Access Key ID and Secret Access Key, Account Name and Primary Access Key, or User and Secret.
On the Cloud Credentials page, edit the cloud credentials to use the new credentials.
The change in cloud credentials is registered on the next snapshot that contains unprotected data.
Manually performing a snapshot also causes the change in cloud credentials to be registered, even if there is no unprotected data for the volume.After each Edge Appliance has performed such a snapshot, the original credentials can be retired with the cloud provider.
Warning: Do not retire the original credentials with the cloud provider until you are certain that they are no longer necessary. Otherwise, data might become unavailable.
Viewing cloud credentials
To view cloud credentials, use the NMC. See Cloud Credentials.
Adding or editing cloud credentials
To add or edit cloud credentials, use the NMC. See Cloud Credentials.
Tip: Be careful changing existing credentials. The connection between a Nasuni Edge Appliance and the cloud object storage provider could become invalid, causing loss of data access. Credential editing is to update access after changes to the cloud object storage parameters.
Deleting cloud credentials
To delete cloud credentials, use the NMC. See Cloud Credentials.
Folder and File Access Permissions in Windows
Tip: Windows share permissions are not Nasuni share permissions. Changing Windows share permissions, for example, on the “Share Permissions” tab in File Explorer, does not change Nasuni share permissions.
Special default permissions are applied to these folders and files:
.nasuni.nasuni/sync_logs/Files in
.nasuni/sync_logs/.nasuni/av_violations/Files in
.nasuni/av_violations/.nasuni/file_alerts/Files in
.nasuni/file_alerts/.nasuni/audit/Files in
.nasuni/audit/
Caution: Do not change the permissions on these folders or files unless it is absolutely necessary. Use caution when changing any permissions. Incorrect permissions can cause problems in access and processing.
Tip: To access the hidden .
nasunidirectory on an SMB share, you must be an administrative user.
Because the .nasunidirectory is located in the root directory of the volume, in order to access the .nasunidirectory, you must create a share to the root directory of the volume.
In addition, this hidden directory must be visible on the client machine. For example, in Windows, “Show Hidden Files, folders, and drives” must be enabled, and “Hide protected operating system files” must be disabled.
Alternatively, you can use the File System Browser to view the .nasunidirectory and its contents. On the File System Browser page, select the volume, click the gear icon, then select “Show Hidden Files”.
In Windows, using Active Directory security, all users have Read permission for all files and all folders under the topmost .nasuni folder. However, unless a user also has Read permission for the topmost .nasuni folder, that user cannot access any of those files or folders under the topmost .nasuni folder. By default, only a Filer Administrator has Read permission for the topmost .nasuni folder. If a Filer Administrator wants to allow a user to view the files, the Filer Administrator should change the permission on the topmost .nasuni folder for that user.
Tip: In Windows, if a folder gives permission to the group “Everyone”, unprivileged users might not be able to access the folder. Instead, Nasuni recommends that you assign users to another group that has the desired permission for the folder.
Tip: If you are using Active Directory authentication and your Nasuni Edge Appliance is joined to an Active Directory server that has Windows Server 2012 domain controllers, and the following conditions occur:
• The Windows Server 2012 domain controller has Resource SID compression enabled,
• The client accesses the Nasuni Edge Appliance CIFS volume by hostname,
• The user client is authenticating using access to the CIFS volume based on membership in a domain local group, then the user is denied access to the CIFS volume.
Mapping a Windows Network Drive to a CIFS Share
You can map a Windows network drive to a CIFS share on the Nasuni Edge Appliance.
Note: You must have share privileges to access the folder on the Nasuni Edge Appliance and map a network drive to it. See “Adding a New CIFS (SMB) Share to a Volume” and “Editing a SMB (CIFS) Share” in the Nasuni Edge Appliance Administration Guide for more details.
Tip: Hard links, junctions, and symbolic links (including Windows junctions and hard links) are not supported with SMB (CIFS) shares.
Tip: If using the Windows “
net use” command, ensure that the user name is expressed in the form/user:[DomainName\]UserName]
or/user:[DottedDomainName\]UserName
For example:net use r: \\1.1.1.1\Volume_HW_filer
/user:mydomain.mycompany.com\user_person password
Tip: Before adding data to a Nasuni Edge Appliance, it is a Best Practice to clean up historical and orphaned SIDs. This can help prevent later difficulties with permissions. For more details, see Permissions Best Practices.
To map a Windows network drive to a CIFS share:
In Windows, right-click My Computer.
Select Map Network Drive. The Map Network Drive dialog box appears.
.png?sv=2022-11-02&spr=https&st=2026-05-08T17%3A28%3A15Z&se=2026-05-08T17%3A54%3A15Z&sr=c&sp=r&sig=Eh%2Be4%2BWtQmkGjGYXp0mUn%2Fs8GpQ%2FjXjcTlvs62KZCLA%3D)
Figure 3-6: Map Network Drive dialog box.
From the Drive drop-down menu, select an available network drive letter to map the share to. An unused network drive letter is automatically selected.
From the Folder drop-down list, select a shared folder on the Nasuni Edge Appliance.
Alternatively, in the Folder text box, enter the IP address or URL of a shared folder on the Nasuni Edge Appliance. For example,
\\10.1.10.97\files.Alternatively, click Browse to navigate to the IP address or URL of a shared folder on the Nasuni Edge Appliance. For example,
\\10.1.10.97\files.Caution: The maximum length of a file name is 255 bytes.
In addition, the length of a path, including the file name, must be less than 4,000 bytes.
Since the UTF-8 representation of characters from some character sets can occupy several bytes, the maximum number of characters that a file path or a file name might contain can vary.
If a particular client has other limits, the smaller of the two limits applies.If prompted for a username and password, use a username that has data access permissions.
Tip: For some Windows platforms, it might be necessary to use
<hostname>\<username>instead of the username, where<hostname>is the IP address or hostname of the Nasuni Edge Appliance.Click Finish.
With Windows Explorer, select the network drive letter that you mapped. For example:
.png?sv=2022-11-02&spr=https&st=2026-05-08T17%3A28%3A15Z&se=2026-05-08T17%3A54%3A15Z&sr=c&sp=r&sig=Eh%2Be4%2BWtQmkGjGYXp0mUn%2Fs8GpQ%2FjXjcTlvs62KZCLA%3D)
Figure 3-7: Sample mapped drive.
Tip: Alternatively, you can enter the path for the share folder or IP address in the address bar of Windows Explorer instead of using the Map Network Drive dialog box.
Open the drive, then drag and drop files that you want to send to the Nasuni Edge Appliance. You can now open these files and do your work from this mapped drive. By default, snapshots of unshared volumes are taken every hour (every 5 minutes for shared volumes) to provide you with a backup of your work.
Accessing data using the FTP protocol
If the FTP/SFTP protocol has been enabled for a volume, and FTP/SFTP directories have been added to a volume, you can use FTP/SFTP commands and various applications to access that data.
Note: Nasuni supports SFTP, the SSH File Transfer Protocol. This is not the same as FTPS, the File Transfer Protocol over SSL.
Tip: You can ensure that the SFTP (SSH File Transfer Protocol) protocol is used, rather than the FTP protocol, with the Firewall page in the Edge Appliance UI. For each Traffic Group, select SFTP and deselect FTP.
Tip: In order to access data using the FTP/SFTP protocol, the following steps are necessary:
Create a CIFS or NFS volume. See “Adding a Volume” in the Nasuni Edge Appliance Administration Guide.
Enable the FTP protocol on the volume. See “Enabling multiple volume protocols” in the Nasuni Edge Appliance Administration Guide.
(Optional) Configure FTP settings. See “Configuring FTP settings” in the Nasuni Edge Appliance Administration Guide.
Add a new FTP/SFTP directory. See “Adding FTP directories for a volume” in the Nasuni Edge Appliance Administration Guide.
(Optional) Create a permission group that has storage access. See “Adding Permission Groups” in the Nasuni Edge Appliance Administration Guide.
(Optional) Create a user in a permission group that has storage access. See “Adding Users” in the Nasuni Edge Appliance Administration Guide. Active Directory and LDAP users can log in for FTP access just as they do for CIFS access. Also, if anonymous access is enabled, you don't need a specific group or user.
Access files using the FTP/SFTP protocol.
To access data using FTP commands, use commands such as these:
Enter the following FTP command:
ftp <filer DNS | filer IP>where
<filer DNS | filer IP>is the DNS or IP address or hostname of the Nasuni Edge Appliance.When prompted, enter a valid username and password for that Nasuni Edge Appliance.
Note: This user must belong to a permission group that has Storage Access enabled. See “Users and Groups” in the Nasuni Edge Appliance Administration Guide.
Navigate to the directory using a command of the form:
cd /<ftp_directory>/<folder_name>where
<ftp_directory>is the name of the FTP directory and<folder_name>is the name of the folder that the FTP access is defined for.Caution: The maximum length of a file name is 255 bytes.
In addition, the length of a path, including the file name, must be less than 4,000 bytes.
Since the UTF-8 representation of characters from some character sets can occupy several bytes, the maximum number of characters that a file path or a file name might contain can vary.
If a particular client has other limits, the smaller of the two limits applies.
Alternatively, follow these steps:
Enter the following on the address bar of your Web browser:
ftp://<user_name>@<filer>/<ftp_directory>/<folder_name>where
<user_name>is the username of the user. This user must belong to a permission group that has Storage Access enabled. See “Users and Groups”.<filer>is the IP address or hostname of the Nasuni Edge Appliance.<ftp_directory>is the name of the FTP directory.<folder_name>is the name of the folder that FTP access is defined for.Note: If you are not logging in anonymously, you still must specify a username in the URL, such as
ftp://username@ftp.server.hostname.This is true even if Anonymous access is not enabled.When prompted, enter a valid username and password for that Nasuni Edge Appliance.
Note: This user must belong to a permission group that has Storage Access enabled. See “Users and Groups”.
A display of the FTP/SFTP directory appears. You can then navigate this directory to access folders and files.
Caution: The maximum length of a file name is 255 bytes.
In addition, the length of a path, including the file name, must be less than 4,000 bytes.
Since the UTF-8 representation of characters from some character sets can occupy several bytes, the maximum number of characters that a file path or a file name might contain can vary.
If a particular client has other limits, the smaller of the two limits applies.
Mounting a CIFS Share in Linux or UNIX
You can mount a CIFS share in Linux or UNIX using the mount.cifs command. There should not be any issues between the CIFS character set and the Linux character set. In most cases, use mount.cifs with the option iocharset=utf-8. CIFS shares are case-sensitive by default, which is consistent with Linux.
Note: Even if case-sensitivity is not enabled, non-Windows clients such as Linux might still treat the paths as case-sensitive.
To ensure that paths are treated as case-insensitive, mount shares using the nocase option, such as in this command:
mount -v -t cifs –o nocase,<options> <share IP address> /mnt/<folder>
Tip: Hard links, junctions, and symbolic links (including Windows junctions and hard links) are not supported with SMB (CIFS) shares.
Note: You must have share privileges to access the folder on the Nasuni Edge Appliance. See “Adding a New CIFS (SMB) Share to a Volume” and “Editing a SMB (CIFS) Share” in the Nasuni Edge Appliance Administration Guide for more details.
Note: If the Nasuni Edge Appliance is running in Active Directory security mode, the Linux clients must connect to the Nasuni Edge Appliance as Active Directory users.
In UNIX and Linux, the default permissions for certain folders and files are as follows:
Folder or file | Permissions |
|---|---|
| 500 |
| 500 |
Files in | 444 |
| 500 |
Files in | 444 |
| 500 |
Files in | 444 |
| 500 |
Files in | 444 |
Tip: To access the hidden .
nasunidirectory on an SMB share, you must be an administrative user.
Because the .nasunidirectory is located in the root directory of the volume, in order to access the .nasunidirectory, you must create a share to the root directory of the volume.
In addition, this hidden directory must be visible on the client machine. For example, in Windows, “Show Hidden Files, folders, and drives” must be enabled, and “Hide protected operating system files” must be disabled.
Alternatively, you can use the File System Browser to view the .nasuni directory and its contents. On the File System Browser page, select the volume, click the gear icon, then select “Show Hidden Files”.
If you change the permissions on any of these folders and files, the Nasuni Edge Appliance preserves your changes. However, new files still receive the default permissions of 444. The owner of each folder can delete files in that folder.
To mount a CIFS share enter the following command:
mount -t cifs -o iocharset=utf-8, user=<username>, domain=<domain-shortname> //<filername>/<sharename> /<localdir>
where:
usernameis the username to connect as.domain-shortnameis the shortname (not the fully-qualified domain name) of the domain.filernameis the name or the IP address of the Nasuni Edge Appliance.sharenameis the name of the CIFS share on the Nasuni Edge Appliance.localdiris the name of the local Linux directory.
The result of the mount command is to mount the CIFS share in the local directory. Users can then add data to the volume with CIFS enabled using copy commands.
Tip: You can place the
mountcommand in a script that runs on login and mounts the CIFS share automatically.
Tip: Depending on the specific operating system, performing the mount might also create a graphical icon of the export that allows drag and drop and other GUI actions.
To disconnect from the CIFS share, use the unmount command.
Defining NFS datastores using VMware client
You can use a VMware client, such as the VMware vSphere Client, to define NFS datastores.
To define NFS datastores using a VMware client, follow these steps:
On the VMware client, select the host from the list.
Select the Configuration tab, then select Storage from the list on the left.
In the Datastores area, click Add Storage. The Add Storage dialog box appears.
In the Storage Type area, select Network File System, then click Next.
In the Properties area, in the Server text box, enter the IP address of the Nasuni Edge Appliance.
In the Properties area, in the Folder text box, enter the following:
/nfs/<name of NFS volume or NFS export>where
<name of NFS volume or NFS export>is the case-sensitive name of either the volume with NFS enabled or the NFS export.In the Properties area, in the Datastore Name text box, enter the name that you want to give to this datastore.
Click Next, then review the information and click Finish.
The datastore appears in the Datastores list.
Mounting an NFS Export in Linux or UNIX
You can mount an NFS export in Linux or UNIX using the mount command.
Important: NFS mounts using TCP are supported by default. NFS mounts using UDP are not supported by default.
Note: You must have export privileges to access the folder on the Nasuni Edge Appliance. See “Editing an NFS Export” in the Nasuni Edge Appliance Administration Guide for more details.
In UNIX and Linux, the default permissions for certain folders and files are as follows:
Folder or file | Permissions |
|---|---|
| 500 |
| 500 |
Files in | 444 |
| 500 |
Files in | 444 |
| 500 |
Files in | 444 |
| 500 |
Files in | 444 |
If you change the permissions on any of these folders and files, the Nasuni Edge Appliance preserves your changes. However, new files still receive the default permissions of 444. The owner of each folder can delete files in that folder.
To mount an NFS export in Linux or UNIX, enter the following command:
mount -t nfs <ip_address>:/nfs/<exportname> <target>
where:
ip_addressis the hostname or the IP address of the Nasuni Edge Appliance.exportnameis the name of the NFS export on the Nasuni Edge Appliance.targetis the name of the local directory.
Important: Make sure to include the '
/nfs/' part of the command.
If the default options for the mount command do not work, use these explicit options:
mount -t nfs -o tcp, vers=3, timeo=600, rsize=16384, wsize=16384, hard <ip_address>:/nfs/<exportname> <target>
This version of the mount command includes these explicit options: TCP; version NFSv3; 10 minute (600 seconds) timeout; read and write sizes of 16 KB; and hard mount (soft mounts can corrupt data).
These values of rsize and wsize are recommended, but tune them for your system.
The result of the mount command is to mount the NFS export in the target directory. Users can then add data to the volume with NFS enabled using copy commands.
Tip: You can place the
mountcommand in a script that runs on login and mounts the NFS export automatically.
Tip: Depending on the specific operating system, performing the mount might also create a graphical icon of the export that allows drag and drop and other GUI actions.
To disconnect from the NFS export, use the unmount command.
Web Access
Web Access is a web-based file management tool included with the Nasuni Edge Appliance that provides remote file access and secure file sharing.
Using Web Access, you can perform tasks such as the following:
Viewing documents and images, and playing audio and video.
Uploading documents, images, and videos to your folders on the Nasuni Edge Appliance.
Downloading documents, images, and videos from your folders on the Nasuni Edge Appliance.
Viewing file information such as file name, file size, and date and time of last modification.
Creating and sharing links to files.
Opening documents directly in your favorite local editor or viewer.
Viewing and accessing previous versions of files.
For details about Web Access features and configuration, see Web Access.
Nasuni Mobile Access
Important: The Nasuni Mobile Access app is End-of-Life as of May 1, 2024. The Nasuni Mobile Access app is no longer supported or available from app stores.
To log out from this page, click Logout in the left-hand column.
FAQs
Question: We attempted to delete two folders, but they reappeared soon after deletion. Why would they reappear?
Answer: On a Nasuni Edge Appliance, non- empty directories that contain only blocked files appear empty to a client, and might lead to unexpected behavior when attempting to delete those directories. For example, if a directory contains only blocked files, and you try to delete that directory, the directory is removed from view temporarily, but is not deleted, and reappears upon refresh.
In Windows, the Nasuni Edge Appliance sends the error STATUS_DIRECTORY_NOT_EMPTY to report that the delete failed, but Windows does not act on that error.