NFS Gateway for Windows?

We’re using a very old gateway from XLink that is no longer supported and won’t even upgrade to 2003 server. I see Microsoft did support a gateway in some fashion up until 2008 using their “Services For UNIX” (SFU) product however the gateway part no longer seems to be alive in the 2012 server.

The main need is that the Windows clients get access to the Windows server using Active Directory security. Then when they access UNIX via the gateway the gateway accesses the UNIX share with one UNIX ID. A many to one access model. This way the Windows clients do not need individual UNIX ID’s and passwords and the files go over to UNIX with one ID.

Any suggestions on a gateway?

I'm seeing documentation saying Services for NFS still exist in server 2012. The two links below should help point you in the right direction:

http://technet.microsoft.com/en-us/library/jj592688.aspx
http://technet.microsoft.com/en-us/library/jj574143.aspx

Thanks, that's a little better than what I've found. However I still don't see a straight line. Hopefully if 2012 can see an NFS share and shares SMB, it can see an NFS share and then turn around and share it out as an SMB share.

Guess I'm going to have to read this stuff slowly and play since this is not my normal job.

Good luck. I do know what you want to do was historically possible (used to support that exact setup on Windows Storage Server, aka 2003 re skinned as a NAS), and it looks like all the right pieces are still there to do it. Unfortunately (or well fortunately for my sanity I'm so far removed from Windows server these days to offer any more specific pointers.

Does it have to be a gateway?

Could you install Samba on the Unix server, configured to authenticate against the Windows AD server? If the AD server is 2003, you can authenticate via LDAP using their normal domain user/password, and squash everything down to a single unix user/id. This isn't overly secure, naturally. Alternatively, you can configure the Samba server to authenticate via Kerberos with the AD server (2003 supports this, as well, 2008+ requires it). This requires the use of winbind, which provides mapping between AD users/IDs, and Unix, in such a way that the users do not need to have local accounts. I'm not sure if you can squash everything down to a single user, when configured like this -- at least, I never had any luck doing so.

Thanks, Samba + AD is one option I never considered, or frankly knew existed (not in that world anymore). That would fit our needs perfectly. However, there are two different companies, several departments and UNIX –vs- Microsoft dislike that would need to be overcome. I still have not been able to get the UNIX team to open up the NFS share to anything besides our old gateway so far. Funny since I put that security in place years ago.

I am going to float this by management

By what I’ve read (other than Tom’s findings) is that MS has cut back on the gateway functionality. I’m still going to try when/if I get access to a UNIX share….


Link that shows NFS Gateway was removed from 2008 server - http://technet.microsoft.com/en-us/library/cc753302(v=WS.10).aspx

User asking what the heck happened to the NFS Gateway -
http://social.technet.microsoft.com/Foru...c-4324fdc3c208/