Security & Management Features in CD/DVD server

Security & Management Features in CD/DVD Server

The CD/DVD Server provides flexible and powerful management tools incorporated directly into the firmware. Security can be handled in multiple ways either through domain services, existing servers or from within the CD-Server/NetMate itself. Multiple methods can also be used simultaneously. The Users & Groups section and the Volumes Section of the CD-Server/NetMate administration pages allow the Supervisor to configure all of these security options.

The Add User page allows the administrator to enter new users into the CD/DVD Server. Users can either be "Local" users where the CD/DVD Server handles all security or "Remote" users where the user exists on another server but accesses shared resources on the CD/DVD Server. To create a user type the new name into the "User Name:" field and click "Continue". The following field:

CD server, DVD server

Legacy Network Controller Shown. LCD & Keypad available on UDSS only. Netmate Models come with LED for Power, Status, Network & Drive only.

User Name displays the user name entered on the previous screen.

Local User enables the CD/DVD Server to handle all security for this user.

Remote User can be created for one of two reasons. Either the user is going to be added to a local group and have access privleges to items this local group can access, or if the user is going to be given specific access rights to a shared resource. Also, whenever the CD/DVD Server is accessed via NDS a remote user is automatically generated for this NDS user.

Disable Login determines if the user should be denied access to the CD/DVD Server.

NFS ID with a default value of "-2" is used for all new users. An alternate ID can be entered in this field.

Configure User is the feature that allows configuration of existing users. The same configurable parameters that were available in the Add User page are available on this page.

Delete User Feature sets aqny existing users to be deleted from this page.

Add Group page allows the administrator to enter new groups to the CD/DVD Server. Groups can either be "Local" groups where the CD/DVD Server handles all security or "Remote" groups where some security aspects are handled through another server.

To create a group type the new name into the "Group Name:" field and click "Continue". It is importiant to note that any spaces entered into a group name will be converted to underscores (_). This is to maintain compatibility with many networking systems which do not permit spaces in group names, while still working with ones which do. After entering the group, the following fields then appear:

Group Name displays the group name entered on the previous screen.

Local Group determines if the CD/DVD Server will handle security for this group.

Remote Group is the button to program whether the group to be created shall be a remote group. A remote group is a group that is stored on another server. During access to a shared resource a request is made to the remote server to see if the user trying to log in belongs to the remote group. Note that with Microsoft Networking, in remote group names, spaces and underscores are treated equaly. For example, the group name "DOMAIN_ADMINS" on the local CD-Server/NetMate would equate to the group "Domain Admins" in an NT domain.

NFS ID has a default value of "-2" and is used for all new groups. An alternate ID can be entered in this field.

Select users for local group lists are used to select users that will belong to the currently displayed group. Users belonging to this group will have access to shared resources that are assigned to this group. To include a user, select the desired user from the left list and click the right arrow (Add) to move the selection to the list on the right. To remove a user, select the user in the list on the right and click the left arrow (Remove).

Configure Group feature allows you to configure existing groups. The same configurable parameters that were available in the Add Group page are available on this page.

Delete Group sets any existing groups to be deleted from this page.

CD/DVD Server's Volume Management feature is flexible and powerful. Security options include: management down to a directory level, changing volume names and restricting concurrent user access to comply with the licensing restrictions of software publishers. These functions and others are configurable within the Configure Volume pages. Within this page the user is present with a list of all physical shared resources whether actual CD/DVD volumes or Archived Volumes. A volume can be highlighted and one of the following 3 choices made:

Original name represents the actual volume name of the disc prior to any alias being created (unless the volume name is a duplicate volume name that the CD/DVD Server will internally change to reduce confusion).

Alias is a name entered into this field will replace the original name of the volume as seen from the client. This feature allows the administrator to rename sometimes confusing volume names with ones that are easier to understand.

File System field displays the type of file system of this shared resource.

Size represents the size of the shared resource in megabytes.

Device is displayed in the format of [BUS,ID,LUN]. The CD/DVD Server can support up to 240 individual SCSI devices using all available parameters.

BUS is the bus the device is on. CD/DVD Server has up to two busses numbered 0 and 1.

ID is the SCSI ID of the device. Narrow SCSI ranges from 0 to 6 and Wide SCSI ranges from 0 to 15 (excluding 7 which is used by the CD-Server/NetMate).

LUN is the Logical Unit Number of the device. In the range of 0 to 7.

When a volume or directory is highlighted in the list, clicking the Open button will open this item displaying the content of the next sub-directory. If the (Parent Directory) item for a given directory is chosen and this button is clicked, then the current location displayed is moved up one directory

The following permission information is available to be set for the entire shared resource and not for a given directory.

Password entere is used for the volume. This becomes the password used for AppleTalk or Microsoft share level security.

Confirm sets the share-level security password.

Licenses is the field that represents the number of concurrent users that can access a particular shared resource. This feature allows the system administrator to conform to specific license restriction imposed by software publishers. Either unlimited users "licenses" or a specific number of users "licenses" can be set with this field.

The following permission information is available to be set for the entire shared resource or for individual directories within the shared resource.

Allow All Users and Groups is this choice if all users and groups will have access to this shared resource or directory.

Allow Selected Users and Groups is selecteed if only selected users and groups will have access to this shared resource or directory. The users and/or groups that will be allowed access to this resource are defined by the "selected" list described below.

Inherit Access is checked for directories within a shared resource if this directory is going to have the same security rights as the directory above it.

Available/Selected Users and Groups lists are used to select users and/or groups that will have access to the currently displayed shared resource or directory. To include an item, select the appropriate user/group from the left list and click the right arrow (Add) to move the selection to the list on the right. To remove an item, select the user/group in the list on the right and click the left arrow (Remove).

A virtual volume is a shared resource that allows other shared resources to be consolidated into a single mount point. A virtual volume can be created and have installed into it specific directories from specific CD/DVD's. For instance, an "installs" volume can be created that includes all the install directories from other CD/DVD's. Or, for instance, an "accounting" virtual volume can be created that includes all 5 individual year-end accounting CD/DVD's in one volume. The administrator can use a virtual volume to organize information more effectively. To enter a new virtual volume type the new name into the "Volume Name:" field and click "Continue". On the next window two lists appear. The one to the left represents all online volumes, which can be placed within a virtual volume. The list to the right represents the contents of the virtual volume. Items to left can be added or removed from the virtual volume. When the desired items have been added to the virtual volume clicking "done" saves all changes.

When a volume or directory is highlighted in the left most list clicking the Open button will open this item displaying the content of the next sub-directory. If the (Parent Directory) item for a given directory is chosen and this button is clicked, then the current location displayed is moved up one directory.

When a volume or directory is highlighted in the left most list clicking the Add button will include this item in the virtual volume being created and move the item to the right list.

When a volume or directory is highlighted in the right list clicking the Remove button will remove this item from the virtual volume being created.

When all desired items have been entered into the virtual volume clicking the Done button saves all changes.

Configure Virtual Volume feature allows you to configure an existing Virtual Volume. Selecting a Virtual Volume from the list and clicking on the "Properties" button allows the same configurable parameters that were available in the Add Virtual Volume page to be manipulated.

The following permission information is available to be set for the entire shared resource and not for a given directory.

Password field enters a password for the volume. This becomes the password used for AppleTalk or Microsoft share level security.

Confirm field sets the share-level security password.

Licenses field represents the number of concurrent users that can access a particular shared resource. This feature allows the system administrator to conform to specific license restriction imposed by software publishers. Either unlimited users "licenses" or a specific number of users "licenses" can be set with this field.

The following permission information is available to be set for the entire shared resource or for individual directories within the shared resource.

Allow All Users and Groups is checked if all users and groups will have access to this shared resource or directory.

Allow Selected Users and Groups is selected if only selected users and groups will have access to this shared resource or directory. The users and/or groups that will be allowed access to this resource are defined by the "selected" list described below.

Inherit Access is used to determine directories within a shared resource if this directory is going to have the same security rights as the directory above it.

Available/Selected Users and Groups lists are used to select users and/or groups that will have access to the currently displayed shared resource or directory. To include an item, select the appropriate user/group from the left list and click the right arrow (Add) to move the selection to the list on the right. To remove an item, select the user/group in the list on the right and click the left arrow (Remove).

Any existing Virtual Volumes can be deleted from this page.

Click here to view the Legacy CD/DVD Server's Management Capabilities