How do permissions work with Multi-Protocol Support?
Multi-Protocol support was introduced in PeerGFS v6.2 and is available to customers with Enterprise or Data Center subscription licenses.
Multi-Protocol support in PeerGFS allows Linux Agents to monitor real-time Network File System (NFS) and Server Message Block (SMB) client activity on associated NAS devices while managing replication tasks using a mix of NFS and SMB connections. File and folder data are read and written using NFS connections. However, when it comes to reading and writing permissions, the Agent may use either NFS or SMB, depending on the configuration of each File Synchronization or File Replication job. Three options are available: Linux-style permissions, Windows-style permissions, and in limited cases, mixed permissions.
Ensure that the permission settings in your File Synchronization or File Replication job align with the security configuration of the volumes or mount targets being replicated.
If a NetApp ONTAP or Amazon FSxN volume uses a UNIX security style, configure the job in PeerGFS to use Linux-style permissions.
If a NetApp ONTAP or Amazon FSxN volume uses an NTFS security style, configure the job in PeerGFS to use Windows-style permissions.
If a Nutanix Files mount target has Primary Protocol Access set to NFS, configure the job in PeerGFS to use Linux-style permissions.
If a Nutanix Files mount target has Primary Protocol Access set to SMB, configure the job in PeerGFS to use Windows-style permissions.
You can configure separate jobs in PeerGFS to synchronize volumes and mount targets with different permission styles as needed.
The following describes how each permission type is managed:
Linux-style permissions: When using Linux-style permissions, the Linux Agent connects to the NAS device via NFS to read and write permissions for files and folders. Standard NFS practices are used for authenticating these connections.
Windows-style permissions: For Windows-style permissions, the Linux Agent connects to the NAS device via a Samba-based SMB connection to manage these permissions for files and folders. This requires standard Windows credentials, which must be configured in the SMB access configuration for each participant. For more details on configuring SMB access settings, see Getting Started with Multi-Protocol for PeerGFS.
Mixed permissions (currently supported only for Dell PowerScale): The Linux Agent uses both NFS and Samba-based SMB connections to read and write files and folder permissions. NFS is used for Linux-style permissions, while SMB is used for Windows-style permissions. Not all NAS platforms support both permission models simultaneously. Ensure compatibility before enabling mixed permissions.
Related articles
- Achieving high availability for the PMC through active-passive configuration
- Achieving high availability for the PMC through active-passive configuration (v4.7.0 - v5.1.1)
- Achieving high availability for the PMC through active-passive configuration (v5.2 and later)
- Amazon FSx for NetApp ONTAP Prerequisites
- Dell PowerScale Prerequisites
- Firewall Requirements
- Issues runing PeerSync as a service
- NetApp ONTAP Prerequisites
- Nutanix Files Prerequisites
- Peer Global File Service - Environmental Requirements
- PeerGFS jobs fail to start after initial job due to NetAPP ONTAP v9.15.1 upgrade
- PeerSync - Environmental Requirements
- PeerSync Security Port Usage
- Prerequisites
- Problem replicating NTFS permissions