VMware Cloud Community
aelus
Contributor
Contributor

Access to NFS at Windows Server 2008

Hallo,

I've several ESXi (3.5U3) server and I've one fileserver running Windows Server 2008 with installed Services for Network File System. On my 2008-DC I've installed Microsoft Identity Management for UNIX (user name mapping is not possible with server 2008), but I still cannot access the NFS-Share on the fileserver. Does anyone of you also run this configuration, any thoughts? Thanks in advance!

aelus

Reply
0 Kudos
17 Replies
nick_couchman
Immortal
Immortal

I don't run that configuration, but you may want to check and make sure that the ESXi hosts have full ("root") permissions to the share. I'm not exactly sure how this works in 2k8, but ESXi needs full access to the NFS share to be able to function properly. ESX has a way of switching the UID that it uses to access NFS shares, but ESXi has to have root privileges.

kupjones
Contributor
Contributor

ESX wants to authenticate to NFS as user 'root' (authenticate is a loose term when it comes to NFS). Updated NFS servers have "root squash" turned on meaning that the user root is prevented from doing anything with NFS. Make sure "root squash" is turned off. This technote (http://technet.microsoft.com/en-us/library/cc753302.aspx) covers setting up NFS and thesection on creating an NFS share discusses the issue of root squash.

Alternatively, VMWare posted a note for changing the NFS "delegate" meaning you may employ a user other than ROOT -- but this is not the recommended route.. http://pubs.vmware.com/vi301/server_config/wwhelp/wwhimpl/common/html/wwhelp.htm?context=server_conf...

nick_couchman
Immortal
Immortal

The NFS delegation feature is not available in ESXi.

Message was edited by: nick.couchman

Reply
0 Kudos
kupjones
Contributor
Contributor

The choice of the word "Alternatively" was a poor one -- I meant to include this simply as furthur information regarding the mention of ESX. The first course of action is the only one available and the technote details the steps.

Reply
0 Kudos
aelus
Contributor
Contributor

My root user have full access to the specified folder and I also activated the the root squash issue. My feeling is my problems depend more to active directory, the matching of the unix-id and the sid of the "root" user. User Name Mapping is not supported any more in Windows Server 2008, you had to use the AD, maybe that's the point? There are some documents about configuration, but none worked properly.

Reply
0 Kudos
kupjones
Contributor
Contributor

So my assumption is you have followed the steps in the technote exactly, correct? Is there an indication in your vmkernel logs that the issue is a permissions issue?

Reply
0 Kudos
aelus
Contributor
Contributor

Oh yes, I have knewn the technet articel, but I'm related more to http://studentguru.gr/blogs/kingherc/archive/2008/06/26/ubuntu-linux-as-nfs-client-of-windows-server..., but both of them didn't fixed my problem.

Reply
0 Kudos
bpsmanagement
Contributor
Contributor

Sorry to bring up an old topic but I am also having this issue with mapping a NFS datastore to ESXi. I have setup the Servives for NFS service as well as NIS server. I ran the wizard within the NIS server to import my group and passwd files I copied earlier from my ESXi server ising WinSCP. This created what I would think is the required information for AD. All U/N's from the ESXi box are successfully created and the UNIX attrbutes are populated. From there I go to my NFS Server configuration and point User Name Mapping to my AD domain. Then I create my NFS share and verify that root has read-write. When I attempt to connect to the NFS share via the VMware Infrastructure Client I get a failure "Error during the configuration of the host: NFS Error: Unable to mount filesystem: The mount request was denied by the NFS server. Check that the export exists and the client is able to mount it."

Any ideas here? Anyone successfully able to mount a NFS share in ESXi that is hosted on a server 2008 box?

Reply
0 Kudos
tlindi
Enthusiast
Enthusiast

Hi

I'm in same situation...

Check

That 0 in NFSServer parameters at registy (after boot) helped me to mount nfs share.

Unfortenately I'm still stucked with "general error" ("access denied" with Linux NFS Mount) while trying to create folder...

Others are too, says google...

T.omi

:DD I managed to make it work! After 18h's !http://communities.vmware.com/message/1237395/!! I'll write guide for this

quick one:

-


on WIndows Server 2008

Install Services for Network File System

Run: servermanagercmd -install ADDS-Indentity-Mgmt (!NOT -Management as the Help says!)

That installs

Identity Management Active Directory Shema extensions for Unix

and Active Directory (eg <domain.local>), if not already installed

Create AD User "root"

Configure Users properties Unix subpage UID -> 0

Create AD group "root" (use Pre-Windows 2000 group name eg "root-")

Groups properties Unix subpage UID -> 0 (or was it GID)

Manage/Create share with Adminstrative tools - Storage Management

Create share

Set NTFS Perm Everyone Full controll

Set Identity Active Directory AD Name to your AD (eg <domain.local>)

Accept "Let Everyone ..." Policy question.

On ESX

Configure NFS Storage from your WS08 with IP

Voilá!

I'll check this when I make guide.

Message was edited by: tlindi

Fixed one typo, sorry folks no good quide yet Smiley Sad

Reply
0 Kudos
sant0sk1
Contributor
Contributor

So does the Windows 2008 NFS server have to also be a DC?

Reply
0 Kudos
Schorschi
Expert
Expert

In short, no.

Reply
0 Kudos
hickman
Enthusiast
Enthusiast

How the perfomance of this configuration ? I've attempted the same and it seem pitiful to to me, with disk io of about 10MBs. Any advice to improve it ?

Reply
0 Kudos
kupjones
Contributor
Contributor

Personally, I would abandon NFS on Windows -- MS simply has no perssure to improve on performance. I have successfully used FreeNAS either as a standalone system or as a VM running on ESX4 and the performance is good -- not as good as a NetApp, but in a pinch pretty good.

Reply
0 Kudos
reboskyz24
Contributor
Contributor

Is the NFS datastore running on local disks, SAN, NAS...? I'm asking because I'm spec'ing out our next architecture upgrade and NFS is an integral part which will require better than 'decent' IO performance.

Reply
0 Kudos
hickman
Enthusiast
Enthusiast

It was on local storage, 7+1 RAID5 using SAS drives.. I abandoned Windows and am using freenas. It is about 3x better performing, although still nothing to write home about.

Reply
0 Kudos
Pascalloz
Enthusiast
Enthusiast

I had a similar problem, after reading alot of pages on the internet regarding this issue i was kinda stuk. But i managed to solve my problem.

I have a ESX4i server, with at the moment 2 vms (1 windows 2008 R2 core installation, which is my dc,dhcp,dns,file and NFS server) and one windows 2008 R2 full installation.)

I also had the problem that when i try to map the nfs share in esx i was receiving the error message: error during the configuration of the host cannot open volume. etc...

Well the solution for me was, 2 things.

in the NFS management console -> properties of your NFS share -> Premissions tab -> NFS permissions:

- I had to add the NFS server it self (just read acces and no allow root acces), instead of the esx host (which i thought i should use)

- and then i had to give the "ALL MACHINES" allow root access (and leave access to read-only)

And after that, ESX4i was more than happy to mount the NFS share for me! Smiley Happy

I hope this can help some people !

Reply
0 Kudos
Dekster
Contributor
Contributor

tlindi

Yes, it works! Thk you for manual!

Reply
0 Kudos