NetApp cDOT Prerequisites

  1. The minimum required version of clustered Data ONTAP (cDOT) for use with Peer Global File Service or PeerSync is v8.2. Older versions of cDOT will not work. ONTAP 9 and above is also supported, as is Cloud Volumes ONTAP.
     
  2. Any Windows Server that will be interfacing with a Storage Virtual Machine (SVM) through the Peer Agent or PeerSync must be on the same domain, same network segment, and same subnet as the SVM. This network must operate at speeds of at least 1Gbit/sec.
     
  3. The minimum version of Windows required for FPolicy support with the Peer Agent or PeerSync is Windows Server 2008.
     
  4. No other FPolicy or VSCAN products from Peer Software or any other vendor can be run on this FPolicy Server. In addition, no other Peer Software products can be run on this server (like the Peer Management Center).
     
  5. CIFS Access: The DNS name of the SVM that is used to configure the Peer Agent or PeerSync must resolve to the IP address of the intended data LIF through which File Collaboration or PeerSync will read and write data.
     
  6. CIFS Permissions: The service account for the Peer Agent or PeerSync must be a member of the Local Admin Group on the SVM. In order to add the service account <Domain User Name> (in the format "DOMAIN\USERNAME") to the Local Admin Group of SVM <SVM Name>, run the following ONTAP command from the cluster context: 

    vserver cifs users-and-groups local-group add-members -vserver <SVM Name> -group-name BUILTIN\Administrators -member-names <Domain User Name>
  7. CIFS Privileges: In order to properly query and set DACLs, SACLs, owner and/or group configurations on files and folders, the service account for the Peer Agent or PeerSync must be granted special privileges. To grant these privileges to the account <Domain User Name> (in the format "DOMAIN\USERNAME") on SVM <SVM Name>, use the following ONTAP command from the cluster context:

    vserver cifs users-and-groups privilege add-privilege -vserver <SVM Name> -user-or-group-name <Domain User Name> -privileges SeBackupPrivilege, SeRestorePrivilege,SeSecurityPrivilege,SeTakeOwnershipPrivilege, SeTcbPrivilege
  8. ONTAPI Access: At least one LIF per associated SVM must have management access enabled. The server running the Peer Agent or PeerSync must be able to communicate with this management LIF. This management LIF can also serve as a data LIF if desired.
     
  9. ONTAPI Permissions: Peer Agent and PeerSync must both be configured with an account on the SVM that has been granted ONTAPI access. It is recommended that this be a dedicated local account on the associated SVM just for the use of Peer products. The following ONTAP commands can be executed from the cluster context to create a local account <User Name> with appropriate ONTAP API access on SVM <SVM Name>:

    security login create -vserver <SVM Name> -username <User Name> -application ontapi -authmethod password -role vsadmin

      You will be prompted to enter a password. Then run: 

    security login create -vserver <SVM Name> -username <User Name> -application ssh -authmethod password -role vsadmin 

    Please Note: The username and password of this account must be entered into each Peer product for now as part of the configuration process.
     

  10. The NETBIOS name of the SVM must match the actual name of the SVM within the cluster.
     
  11. No firewalls (software or hardware) should be enabled between the FPolicy Server and the SVM.