If your Edge Appliance has users who are authenticated by domain, and if the Edge Appliance loses connectivity to the domain, the user accounts might not be able to authenticate. In cases like this, you would like your users to be able to access data, even without the domain to authenticate them.
You can define user access that does not require connectivity to the domain. This involves creating a Permission Group that has Storage Access (not User Interface Access). Storage Access does not require authentication through the domain. You then create Native Users with Storage Access. Native Users do not require authentication through the domain.
Caution: When a Nasuni Edge Appliance goes under the control of the Nasuni Management Console, the following processing occurs:
Any existing local users and groups on the Nasuni Edge Appliance are replaced by the users and groups of the NMC.
When a Nasuni Edge Appliance is disconnected from the Nasuni Management Console, the Nasuni Edge Appliance retains those users and groups that pertain to the Nasuni Edge Appliance.
For this reason, you should either use the NMC to define users and groups, or place the Edge Appliance under the management of the NMC before creating users and groups with the Edge Appliance.
Procedure using NMC
To use the NMC (recommended) to define a group whose members do not require connectivity to the domain, follow these steps:
On the Console Settings page, select the Console Users and Groups Overview page, click Manage Groups, then click Add Group. The Add Group dialog box appears.
In the Group Name text box, enter the name for this group. The Group Name can have up to 30 characters, including letters, digits, and symbols.
From the Access Type drop-down list, select the type of access: Storage Access.
In the Filer Access list, select or clear the Nasuni Edge Appliances to which you want to grant access by the new group.
Click Add Group. The group is added with the selected permissions.
To use the NMC (recommended) to add users to this group follow these steps:
On the Console Settings page, select the Console Users and Groups Overview page, click Manage Users. The Console Users page appears.
Click Add Native User. The Add Native User dialog box appears.
Enter the Username, Email, and Password.
In the Groups list, select the check box for the Permission Group that you created above.
Click Add User. The user is added with membership in the selected groups. These users can access the data, without requiring domain-based authentication.
Procedure using Edge Appliance
Important: As mentioned above, if users and groups are created using the Edge Appliance, and then the Edge Appliance is placed under the management of the NMC, then those users and groups are replaced by users and groups from the NMC. For this reason, ensure that the Edge Appliance is already under the control of the NMC before performing this procedure.
To use the Edge Appliance to define a group whose members do not require connectivity to the domain, follow these steps:
Perform the procedure Adding Permission Groups up to step 5.
On step 5 of Adding Permission Group, select Storage Access.
Continue with the rest of the procedure.
The group is added with the selected permissions.
To use the Edge Appliance to add users to this group follow these steps:
Perform the procedure Adding Users up to step 3d.
On step 3d, select the group that you defined above.
Continue with the rest of the procedure, but skip step 4. The user is added with membership in the selected groups.
These users can access the data, without requiring domain-based authentication.