FTP Access Configuration

  • Published on Dec 18, 2024
  • 24 minute(s) read
  • CD
 Prev Next

Configuring FTP Access

You can access data using the FTP/SFTP protocol.

Note: Nasuni supports SFTP, the SSH File Transfer Protocol. This is not the same as FTPS, the File Transfer Protocol over SSL.

Tip: To use the SFTP (SSH File Transfer Protocol) protocol rather than the FTP protocol, navigate to the Edge Appliance UI and click the Configuration tab. From the Firewall page, and for each Traffic Group, select SFTP and deselect FTP.

This document will guide you in the procedures for configuring FTP/SFTP access.

Tip: For Nasuni recommendations for volume configuration, see “Appendix 1: Volume Configuration” on page 26.

Overview of Configuring FTP/SFTP Access

To access data using the FTP/SFTP protocol, the following steps are necessary:

  • Create a CIFS or NFS volume. See “Adding a CIFS or NFS Volume”.

  • Enable the FTP protocol on the volume. See “Enabling the FTP Protocol on a Volume”.

  • (Optional) Configure FTP settings. See “Configuring FTP Settings (optional)”.

  • Add a new FTP/SFTP directory. See “Adding FTP Directories for a Volume”.

  • (Optional) Create a permission group that has storage access. See “Adding a Permission Group with Storage Access (optional)”.

  • (Optional) Create a user in a permission group that has storage access. See “Adding Users (optional)”. Active Directory and LDAP users can log in for FTP as they do for CIFS access. Also, if anonymous access is enabled, you don't need a specific group or user.

  • Access files using the FTP/SFTP protocol. See “Accessing Data using the FTP/SFTP Protocol”.

Adding a CIFS or NFS Volume

This section explains how to add a new CIFS or NFS volume.

Tip: For Nasuni recommendations for volume configuration, see “Appendix 1: Volume Configuration”.

Note: This is an abbreviated procedure. See the Nasuni Edge Appliance Administration Guide for the complete procedure.

To add a new CIFS or NFS volume, follow these steps:

  1. Click Volumes, then click All Volumes from the list.
    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.

  2. Click Add New Volume. The Add New Volume page appears.
     

  3. Enter or select information for Name, Region, encryption Key, and Quota.

  4. From the Network Protocol drop-down list, select a network protocol on your network. This is the protocol you use to access files on a volume. Your choices are:

    • CIFS (Windows clients): This protocol allows Windows users to share files across a network. The CIFS protocol can be used on other operating systems besides Windows, including UNIX, Linux, and Mac OSX.

    • NFS (Unix clients): This protocol allows UNIX users to access and share file systems across a computer network using UNIX and Linux.
      Note: You can enable FTP/SFTP access to a CIFS volume or an NFS volume after the volume is created. See “Adding a Permission Group with Storage Access (optional)”.

  5. For CIFS and NFS volumes only, to automatically create a CIFS share or an NFS export for the new volume, leave the Create a default Share/Export check box selected.

  6. For CIFS volumes only, if the Nasuni Edge Appliance is configured for Active Directory or LDAP authentication, the CIFS-Specific Properties area appears. Enter or select values to configure the CIFS volume.
    Note: Limits on domains, groups, users, objects, and other items are the same as the limits of Active Directory. See Active Directory Maximum Limits - Scalability for details.

  7. Click Save. A message appears telling you that the new volume creation is complete. Click x to close the message box. The new volume appears on the Home page under Volumes.

Enabling the FTP Protocol on a Volume

You can assign CIFS, NFS, and FTP protocols to existing CIFS and NFS volumes. This enables you to allow access to data using multiple protocols. This might be helpful for simplifying access by users or applications.

Tip: For Nasuni recommendations for volume configuration, see “Appendix 1: Volume Configuration”.

Note: If this volume has Remote Access enabled and other Edge Appliances connect to this volume, the connected volumes inherit the same protocols as this volume. If these protocols change, the connected volumes inherit the changed protocols. This can take some time. You can refresh the volume connections to inherit the changed protocols immediately.

Warning: Protocols work in parallel. Enabling an additional protocol to an original protocol does not affect the original protocol. However, writing data to the volume using one protocol can affect the permissions or other metadata used by another protocol. This can inadvertently affect permissions in unexpected ways.

To enable the FTP protocol for a CIFS or NFS volume, follow these steps:

  1. Click Volumes, then select a CIFS or NFS volume from the list.
    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.

  2. Select Volume Protocols from the Properties drop-down list. The Enabled Volume Protocols page appears.
     

  3. Select FTP/SFTP.

    Warning: After enabling a protocol, you cannot disable that protocol.

  4. From the Volume Permissions Policy drop-down list, select one of the following:

    NTFS Exclusive Mode:

    • Default mode for CIFS (SMB) volumes on Nasuni Edge Appliances joined to Active Directory.

    • Produces full NTFS permissions support for CIFS (SMB) shares. This volume permissions policy offers the greatest Windows and Mac client compatibility.

    • Recommended for CIFS (SMB) volumes that do not require multiple protocols.

    • Not Supported: NFS, FTP, LDAP authentication.

    • Allows durable handles with SMB 2.0 and higher clients, which can then open a file and survive a temporary connection loss (60 seconds or less).
      Note: When Global Locking is enabled, support for SMB durable handles (allowing clients to survive temporary connection loss) is disabled. Enabling Global Locking anywhere on the volume disables durable handles. If durable handles are disabled in this way, durable handles cannot be enabled again.

      Caution: A CIFS NTFS Exclusive Mode volume cannot have multiple volume protocols. If this CIFS volume must support multiple protocols, select NTFS Compatible Mode.

      Important: You cannot switch from NTFS Exclusive Mode to NTFS Compatible Mode.

    NTFS Compatible Mode:

    • Optional mode for CIFS (SMB) volumes on Nasuni Edge Appliances joined to Active Directory.

    • Provides a high level of Windows and Mac compatibility through the CIFS (SMB) protocol, with some limitations.

    • This mode is required for multiple protocol support that does NOT involve NFS, such as CIFS (SMB) with FTP/SFTP, as well as CIFS (SMB). NFS and FTP/SFTP protocols cannot see all NTFS permissions and do not obey all access rules in NTFS permissions. NFS and FTP/SFTP protocols obey only the POSIX access control list (ACL) component of inheritance rules.

    • Not supported: NFS-only volumes, LDAP authentication.

POSIX Mixed Mode:

  • Default mode for CIFS (SMB) volumes on Nasuni Edge Appliances joined to LDAP. Also available for Nasuni Appliances joined to Active Directory.

  • Recommended for combined NFS and CIFS (SMB) volumes, and for combined CIFS (SMB) and FTP/SFTP volumes. Also recommended for LDAP-authenticated CIFS (SMB)-only volumes with Linux or Mac clients, with UNIX extensions enabled.

    • More information:

      • Access control lists (ACLs) are supported entirely through POSIX ACLs. Windows clients receive mapping of POSIX ACLs to NTFS ACLs. However, the mappings are not as complete as mappings done for NTFS Compatible Mode. NFS clients cannot view the ACLs.

      • The NFSv4 protocol automatically translates the underlying ACLs to NFSv4 ACLs. The common tools for managing POSIX ACLs are not supported on NFSv4. To manage ACLs using NFSv4, you must use the NFSv4 ACL tools.

UNIX/NFS Permissions Only Mode:

      • Default mode for NFS volumes.

      • Recommended for primary or heavy NFS use.

      • Not available for CIFS (SMB) volumes. Not recommended for Windows users.

      • More information:

        • Only supports traditional UNIX mode bits to control permissions (chmod).

        • Windows can view permissions as access control lists (ACLs), but cannot add or remove access control entries (ACEs).

Unauthenticated Access Mode:

  • Default mode for CIFS (SMB) volumes on Nasuni Edge Appliances that are not joined to Active Directory or to LDAP. Also available for Nasuni Edge Appliances joined to Active Directory or LDAP, if the client (such as Windows) is joined to the same domain.

  • Recommended for CIFS (SMB) Public-mode volumes. For CIFS (SMB) clients, this mode acts as an open share. For all other protocols, this mode acts identically to POSIX Mixed Mode.

  1. Click Save.
    The FTP/SFTP protocol is enabled.

Configuring FTP Settings (optional)

You can view and configure FTP/SFTP settings for the Nasuni Edge Appliance. These advanced features of the FTP/SFTP protocol apply to all volumes on the Nasuni Edge Appliance.

To configure FTP settings, follow these steps:

  1. Click Configuration, then select FTP Settings. The General FTP Settings page appears.
    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.
     

  2. Optionally, in the Masquerade Address text box, type an IP address (not a DNS hostname) to present to the client instead of the local server's IP address or DNS hostname.

  3. Optionally, in the Idle Login Timeout text box, type the time in seconds to wait before closing an idle connection. Zero (0) means never close an idle connection.

  4. Optionally, in the Anonymous Access Username text box, type the username that the user must log in with to access any FTP/SFTP directory anonymously. Default: anonymous. The username is case-sensitive.

  5. Optionally, in the Anonymous Access Group text box, type the group associated with the Anonymous Access Username.

  6. Click Save FTP Settings to save your settings.

Adding FTP Directories for a Volume

You can create, view, edit, and delete FTP/SFTP directories for volumes that have the FTP protocol enabled. This enables you to allow FTP/SFTP access to directories and files without adding new users.

To create a new FTP/SFTP directory for a volume, follow these steps:

  1. On the FTP Directories page for a volume, click Add New FTP Directory. The Add FTP Directory / Edit Settings page appears.
     

  2. Click the Directory text box and navigate to the directory you want to access using FTP/SFTP.
    Caution: The maximum length of a file name is 255 bytes. In addition, the length of a path, including the file name, must be less than 4,000 bytes. Since the UTF-8 representation of characters from some character sets can occupy several bytes, the maximum number of characters that a file path or a file name might contain can vary. If a particular client has other limits, the smaller of the two limits applies.

  3. In the Name text box, enter a name for this FTP/SFTP directory. The following characters are not valid for FTP/SFTP directory names:
    <   >   :   “   /   \   |   ?   *

  4. Optionally, enter a descriptive comment in the Comment text box.

  5. Select the Read Only check box if you want the FTP/SFTP directory to be read-only. This means that users can access the FTP/SFTP directory but only have read-only rights and, therefore, cannot make changes to any of the files or directories in the FTP/SFTP directory.

  6. From the Visibility drop-down list, select the visibility of the new FTP/SFTP directory. Your choices are:

    • Default: Every file is visible to the user. However, even if a file is visible to the user, the user might not be able to access the file because of permissions.

    • Hide Unreadable: Files that the user does not have permission to access are not visible to the user.

    • Invisible: No files are visible to the user. However, if a user has the filename of a file, and the appropriate permission, the user can access the file.

  7. To control the permissions on new files in this FTP/SFTP directory, there are several choices, which use umask settings to represent read, write, and execute permissions for the user, the group, and others. Select one of the following choices from the Permissions on New Files drop-down menu:

    • No Extra Restrictions (Default): The owner, the group, and all others have permission for all files in this FTP/SFTP directory. This is a umask setting of 000, which, for a requested permission of 777, produces 777.

    • Read-Only Others: The owner and the group have all permissions for all files in this FTP/ SFTP directory. Others can only read all files in this FTP/SFTP directory. This is a umask setting of 002, which, for a requested permission of 777, produces 775.

    • Read-Only Groups and Others: The owner has all permissions for all files in this FTP/SFTP directory. The group and others can only read all files in this FTP/SFTP directory. This is a umask setting of 022, which, for a requested permission of 777, produces 755.

    • Restrict Others: The owner and the group have all permissions for all files in this FTP/SFTP directory. Others have no permissions for all files in this FTP/SFTP directory. This is a umask setting of 006, which, for a requested permission of 777, produces 771.

    • Restrict Groups and Others: The owner has all permissions for all files in this FTP/SFTP directory. The group and others have no permissions for all files in this FTP/SFTP directory. This is a umask setting of 066, which, for a requested permission of 777, produces 711.

    • Read-Only Groups, Restrict Others: The owner has all permissions for all files in this FTP/ SFTP directory. The group can only read all files in this FTP/SFTP directory. Others have no permissions for all files in this FTP/SFTP directory. This is a umask setting of 026, which, for a requested permission of 777, produces 751.

  8. To control which hosts are allowed to connect to this FTP/SFTP directory, in the IP Restrictions text box, enter a comma-separated list of the IP addresses or subnet addresses of the hosts that are allowed to access this FTP/SFTP directory. If you leave this field blank, all hosts on your network can access this FTP/SFTP directory without restrictions.
    Note: You cannot use IP Restrictions in conjunction with Allowed Users/Groups in step 9.

  9. To control the users and groups that have access to the FTP/SFTP directory, from the Allowed Users/Groups drop-down list, select one of the following choices.

    • Everyone: Allows all users and groups to access the FTP/SFTP directory.

    • Anonymous Only: Allows only the anonymous user to access the FTP/SFTP directory. This selection is only available if Anonymous is enabled, as in step 10.

    • Specific Users/Groups: Allows you to specify the users and groups that have access to this FTP/SFTP directory. The Allowed Groups and Allowed Users areas appear.
      Note: You cannot use Allowed Users/Groups in conjunction with IP Restrictions in step 8.

      Tip: A user can access the FTP/SFTP directory if the user is accessing the FTP/SFTP directory from one of the allowed hosts and is either one of the allowed users or a member of one of the allowed groups.

      Tip: To specify users or groups, the users or groups must have Storage Access enabled.

    To add one group, follow these steps:

    1. In the Allowed Groups area, click Add One. The Name search box appears.

    2. Enter a partial or complete group name, then click Search. The Select Group dialog box appears, containing the partial or complete group name.

    3. To control the range of the search, select one of the following:

    • All: To search through all groups.

    • Domain only: To search through domain groups only.

    • Native only: To search through native groups only.

    • Click Search. A list of groups that match your search appears. Select the group to define access for, then click Add Selected Group. The selected group appears in the Allowed Groups area.

    To add more than one group, follow these steps:

    1. In the Allowed Groups area, click Add Many. The Select Groups dialog box appears.

    2. In the Search text box, enter a partial or complete group name.

    3. To control the range of the search, select one of the following:

    • All: To search through all groups.

    • Domain only: To search through domain groups only.

    • Native only: To search through native groups only.

    • Click Search. A list of groups that match your search appears.

    • Select the groups to define access for, then click Add Selected Groups. The selected groups appear in the Allowed Groups area.

    To delete a group from the Allowed Groups list, click Delete next to the group name. The group is deleted from the list.

    To add one user, follow these steps:

    1. In the Allowed Users area, click Add One. The Name search box appears.

    2. Enter a partial or complete user name, then click Search    . The Select User dialog box appears, containing the partial or complete user name.

    3. To control the range of the search, select one of the following:

    • All: To search through all groups.

    • Domain only: To search through domain groups only.

    • Native only: To search through native groups only.

    • Click Search. A list of users that match your search appears. Select the user to define access for, then click Add Selected User. The selected user appears in the Allowed Users area.

    To add more than one user, follow these steps:

    1. In the Allowed Users area, click Add Many. The Select Users dialog box appears.

    2. In the Search text box, enter a partial or complete user name.

    3. To control the range of the search, select one of the following:

    • All: To search through all groups.

    • Domain only: To search through domain groups only.

    • Native only: To search through native groups only.

    • Click Search. A list of users that match your search appears.

    • Select the users to define access for, then click Add Selected Users. The selected users appear in the Allowed Users area.

    To delete a user from the Allowed Users list, click Delete next to the user name. The user is deleted from the list.

  10. To allow anonymous FTP access, select the Anonymous check box.
    Tip: If anonymous FTP access is enabled, any user can access the FTP/SFTP directory.

  11. To enable uploads using temporary files, select Temporary-File Uploads. If selected, file uploads are performed in two steps, using a temporary file. This prevents issues such as incomplete uploads and attempted file use before the upload is complete. This feature is automatically enabled for anonymous uploads. Since this feature prevents resuming failed uploads, deselect Temporary-File Uploads if you want to be able to resume failed uploads.

  12. To hide ownership details in directories, select Hide Ownership in Listings. This can enhance security.

  13. To accept your selections, click Save Directory.

The FTP/SFTP directory is created and appears in the list of FTP/SFTP directories. The FTP/SFTP directory is available to users.

Alternatively, to exit this screen without creating an FTP/SFTP directory, click the Reset button.

Viewing FTP directories

To view existing FTP/SFTP directories for a volume, follow these steps:

  1. Click Volumes, then select a volume with the FTP protocol enabled from the list.
    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.

  2. The Volume properties page appears. Select FTP Directories from the Properties drop-down list. The FTP Directories page appears.
       

    For each FTP/SFTP directory, the following information is displayed:

    1. Name: The name of the FTP/SFTP directory.

    2. Path: The path to the FTP/SFTP directory.

Editing FTP directories

To edit the selected FTP/SFTP directory, click Edit Directory, then follow the steps of “Adding FTP Directories for a Volume”.

Deleting FTP directories

To delete the selected FTP/SFTP directory access point (not the data), follow these steps:

  1. Click Volumes, then select a volume with the FTP protocol enabled from the list.
    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.

  2. The Volume properties page appears. Select FTP Directories from the Properties drop-down list. The FTP Directories page appears.
     

  3. For the FTP/SFTP directory you want to delete, click Delete Directory. The Confirm Directory Delete dialog box appears.

  4. Click Confirm Delete. The FTP/SFTP directory is removed.

Adding a Permission Group with Storage Access (optional)

You can add up to 500 permission groups to which you can assign users. For each group, you can specify exactly which actions the users in that group have permission to perform. You can associate Active Directory and LDAP domain groups with a permission group.

To add a permission group, follow these steps:

  1. Click Configuration, then select Users/Groups from the drop-down list. The Filer Users and Groups Overview page appears.
     

    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.

  2. On the Filer Users and Groups Overview page, click Manage Groups. The Filer Groups page appears.
     

  3. Click Add Group. If there are already 500 groups, you must delete an existing group before you can add a new group. The Add New Group dialog box appears.
     

  4. In the Group Name text box, enter the name for this group. The Group Name can have up to 30 characters, including letters, digits, and symbols.

  5. From the Access Type drop-down list, select Storage Access.
    Note: Storage Access does not grant any access to the Nasuni Edge Appliance user interface.

    Note: If you select Storage Access, you cannot enter a Group Association.

  6. To accept your selections, click Add Group. The permission group is added with the selected permissions.

Adding Users (optional)

You can add up to 500 users. For each user, you can specify which permission groups that user belongs to. If this Nasuni Edge Appliance is joined to Active Directory or LDAP, you can also add domain users.

Note: Adding a domain group allows all Active Directory or LDAP users in that group to access the user interface. You do not need to explicitly add those users.

  1. Click Configuration, then select Users/Groups from the drop-down list. The Filer Users and Groups Overview page appears.
     

    Note: If this Nasuni Edge Appliance is under Nasuni Management Console control, this page is not available on the Nasuni Edge Appliance. Instead, use the Nasuni Management Console to view information or perform actions.

  2. On the Filer Users and Groups Overview page, click Manage Users. The Filer Users page appears.
     

  3. Click Add Native User. If there are already 500 users, you must delete an existing user before you can add a new user. The Add Native User dialog box appears.
                      

    1. In the Username text box, enter the name for this user. The Username can have up to 30 characters, including letters, digits, and the following symbols: @ . + - _ (at symbol, period, plus sign, minus sign, underline).

    2. In the Email text box, enter the email address for this user.

    3. In the Password text box, enter the password for this user. Enter the same password in the Password confirmation text box. An indicator of password strength appears. Although password strength is not enforced, you should use strong passwords.

    4. In the Groups list, for each of the permission groups, select or clear the check box for granting membership to the permission group.

    5. To accept your selections, click Add User. The user is added with membership in the selected groups.

  4. If the Nasuni Edge Appliance is joined to Active Directory or LDAP Directory Services, to add a domain user, click Add Domain User. If there are already 500 users, you must delete an existing user before you can add a new user. The Add Domain User dialog box appears.
    Note: Adding a domain group allows all Active Directory or LDAP users in that group to access the user interface. You do not need to explicitly add those users. You only need to add Active Directory or LDAP users individually if you do not want to grant access to the entire group.

    1. In the Username text box, enter the name of a user in an Active Directory or LDAP domain. For Active Directory domains, the Username must be NT-compatible. The Username can have up to 30 characters, including letters, digits, and the following symbols:

      @   .   +   -   _   (at symbol, period, plus sign, minus sign, underline).

    2. In the Groups list, for each of the permission groups, select or clear the check box for granting membership to the permission group.

    3. To accept your selections, click Link User. The user is added with membership in the selected groups.

Accessing Data using the FTP/SFTP Protocol

If the FTP/SFTP protocol has been enabled for a volume, and FTP/SFTP directories have been added to a volume, you can use FTP/SFTP commands and various applications to access that data.

To access data using FTP commands, use commands such as these:

  1. Enter the following FTP command:

    ftp <filer DNS | filer IP>

    where <filer DNS | filer IP> is the DNS or IP address or hostname of the Nasuni Edge Appliance.

  2. When prompted, enter a valid username and password for that Nasuni Edge Appliance.
    Note: This user must belong to a permission group that has Storage Access enabled. See “Adding a Permission Group with Storage Access (optional)”.

  3. Navigate to the directory using a command of the form:

    cd /<ftp_directory>/<folder_name>

    where <ftp_directory> is the name of the FTP directory and <folder_name> is the name of the folder that the FTP access is defined for.

Caution: The maximum length of a file name is 255 bytes. In addition, the length of a path, including the file name, must be less than 4,000 bytes. Since the UTF-8 representation of characters from some character sets can occupy several bytes, the maximum number of characters that a file path or a file name might contain can vary. If a particular client has other limits, the smaller of the two limits applies.

Alternatively, follow these steps:

  1. Enter the following on the address bar of your Web browser:

    ftp://<user_name>@<filer>/<ftp_directory>/<folder_name>

    where
    <user_name> is the username of the user. This user must belong to a permission group that has Storage Access enabled. See “Adding a Permission Group with Storage Access (optional)” on page 17.

    <filer> is the IP address or hostname of the Nasuni Edge Appliance.

    <ftp_directory> is the name of the FTP directory.

    <folder_name> is the name of the folder that FTP access is defined for.
    Note: If you are not logging in anonymously, you still must specify a username in the URL, such as ftp://username@ftp.server.hostname. This is true even if Anonymous access is not enabled.

  2. When prompted, enter a valid username and password for that Nasuni Edge Appliance.
    Note: This user must belong to a permission group that has Storage Access enabled. See “Adding a Permission Group with Storage Access (optional)” .

  3. A display of the FTP/SFTP directory appears. You can then navigate this directory to access folders and files.

Caution: The maximum length of a file name is 255 bytes. In addition, the length of a path, including the file name, must be less than 4,000 bytes.  Since the UTF-8 representation of characters from some character sets can occupy several bytes, the maximum number of characters that a file path or a file name might contain can vary. If a particular client has other limits, the smaller of the two limits applies.

FTP Status

You can view FTP/SFTP directories for volumes that have the FTP/SFTP protocol enabled. You can also view the status of FTP/SFTP clients.

Viewing FTP directories and FTP clients

To view FTP/SFTP directories, follow these steps:

  1. Click Status, then select FTP Status from the list. The FTP Directories page displays a list of FTP/SFTP directories for volumes with the FTP protocol enabled. A list of any FTP/SFTP clients also appears.
     

The following information is displayed:

  • Protocol version: The supported versions of the FTP/SFTP protocol.

  • FTP Directories: A table displays, for each FTP/SFTP directory, the following.

    • Volume: The volume for the FTP/SFTP directory. Clicking this link opens either the FTP Directories page for this volume (see “Viewing FTP directories” on page 14), if this Nasuni Edge Appliance is not under the control of the Nasuni Management Console, or the Home page, if this Nasuni Edge Appliance is under the control of the Nasuni Management Console.

    • Path: The path to the FTP/SFTP directory.

    • Directory Name: The name of the FTP/SFTP directory. Clicking this link opens either the Add FTP Directory / Edit Settings page for this volume (see “Editing FTP directories” on page 15), if this Nasuni Edge Appliance is not under the control of the Nasuni Management Console, or the Home page, if this Nasuni Edge Appliance is under the control of the Nasuni Management Console.

  • FTP Client Status: A table displays, for each FTP/SFTP client, the following.

  • FTP Type: The type of FTP/SFTP client: FTP or SFTP.

  • Host: The host of the FTP/SFTP client.

  • User: The name of the user using the FTP/SFTP client. This user must belong to a permission group that has Storage Access enabled. See  “Adding a Permission Group with Storage Access (optional)” on page 17.

Disconnecting FTP clients

To disconnect an FTP/SFTP client, follow these steps:

  1. Click Status, then select FTP Status from the list. The FTP Directories page displays a list of FTP/SFTP clients.
     

  2. Select a client from the list of clients, then click Disconnect. The Disconnect Client dialog box appears.

  3. Click Disconnect Client.

The client is disconnected. The message “Client was disconnected from the Edge Appliance” appears. Click x to close the message box.

Appendix 1: Volume Configuration

The following table contains Nasuni recommendations for configuring volumes, based on the objectives for the volume. Configuration includes consideration of the following:

  • Original volume protocol

  • Additional volume protocol, if any

  • Authentication

  • Volume Permissions Policy

  • Case Sensitivity

Important: Before joining Edge Appliance to Active Directory, contact Nasuni Support to ensure optimal configuration.

Objective of volume

Original volume protocol

Additional volume protocol

Set

Authentication to …

Set

Permissions Policy to …

Set Case Sensitivity to …

Options available include:

Unsupported features

include:

SMB clients only (Microsoft Windows clients, macOS clients) (no NFS, no FTP)

SMB (CIFS)

None

Active Directory

NTFS

Exclusive

No

Durable handles (with SMB 2.0+ and GFL disabled).

Web Access. Global File Lock Advanced and Optimized mode.

NFS. FTP.

LDAP. Multiple volume protocols.

Switching from NTFS

Exclusive to NTFS

Compatible.

SMB clients + FTP (Microsoft Windows clients, macOS clients)

SMB (CIFS)

FTP

Active Directory

NTFS

Compatible or POSIX

Yes (Case sensitivity required to add FTP)

FTP. Web

Access. Global File Lock: Advanced and Optimized mode. Switch from NTFS Compatible to NTFS

Exclusive.

NFS. LDAP

NFS clients (UNIX or Linux clients)

NFS

None

Active Directory

POSIX

Yes (cannot be changed)

FTP.

Global File Lock: Optimized mode.

CIFS (SMB)

volumes. Web Access.

Important: The Nasuni Mobile Access app is scheduled for End-of-Life on May 1, 2024. After this date, the Nasuni Mobile Access app will no longer be supported or available from app stores.

Objective of volume

Original volume protocol

Additional volume

protocol

Set

Authentication to …

Set

Permissions Policy to …

Set Case Sensitivity to …

Options available include:

Unsupported features

include:

NFS + SMB

Clients: IDs mapped between SMB/NFS using AD Unix Extensions (Microsoft Windows clients, macOS clients, UNIX or Linux clients)

NFS

SMB (CIFS)

Active Directory

POSIX

(translated to NTFS)

Yes (cannot be changed)

FTP.

Web Access.

Global File Lock: Optimized mode

LDAP.

SMB + NFS Basic InterOp: no ID mapping (Microsoft Windows clients, macOS clients, UNIX or Linux clients)

SMB (CIFS)

NFS

Active Directory

NTFS

Compatible

+ POSIX

Yes (Case sensitivity required to add NFS and FTP protocols)

FTP.

Web Access.

Global File Lock: Optimized mode.

Can switch from NTFS Compatible to NTFS

Exclusive.

NFS-only volumes. LDAP

authentication.

Copyright © 2010-2024 Nasuni Corporation. All rights reserved.

Related articles