There are potentially many different ways to connect a Linux client to a Windows network file server. The following solution is just one way to achieve success. It involves the use of a CIFS mount with credentials of a qualified Windows domain user, allowing CIC to see the desired mounted network directories. The examples below use an Ubuntu 20.04 as the Linux machine running the CIC Agent and connecting to the Windows network.
Procedure Overview
- Create a new Access Point (to get the Linux installation script) in CIC.
- Install and configure your CIC Agent.
-
Add new File System Endpoints in the CIC for both source and destination directories.
- Set up your Dataflows.
Assumptions
- File server shares of desired data directories and privileged users and groups are set up properly on the Active Directory file server.
- The <domain> Users group has Full Control security privilege on the shared source and destination directories.
- The source and destination directory UNC paths are known and reachable.
Values used in this document for sample purposes only
Domain = win2019.local also known as WIN20190.
Domain user = cleo100 with a password of Password@1.
Domain user group (with Full Control to network share) = cleoagents.
Windows network directory UNC path = \\win2019\public\.
Procedure
Create an Access Point in CIC
Create and save an Access Point from the Network > Access page. As part of this process, a Linux installation script is provided which, when installed as an administrator, ensures the CIC Agent has sufficient access to content on this Access Point. The status for this Access Point will be Pending, until the Agent is activated and successfully connected to the CIC Cloud.
Install and configure the CIC Agent
Install the CIC Agent via the Linux script. These instructions are provided in the CIC as part of Agent creation. A new user “cleo” will be created which will have access to and run the agent.
Mount point configuration
- Create a directory to be used for the mount point:
sudo mkdir /mnt/cifs_windows
sudo chown -R cleo:cleo /mnt/cifs_windows
- Mount to the network drive specifying permission for newly created “cleo" user. In this example, the mount is the parent directory of the source and destination sub-directories.
sudo mount -t cifs -o
username=cleo100,password=Password@1,domain=WIN20190,uid=$(id -u
cleo),gid=$(id -g
cleo),forceuid,forcegid,defaults,noperm,dir_mode=0777,file_mode=0
777, //192.168.1.19/public /mnt/cifs_windows
It is recommended to configure the mount to activate at startup (use of fstab file), so in the event the Linux OS is restarted, the CIC Agent will be able to resume reading and writing to the network share.
Note: To unmount the network drive you can use the umount command.
For example: sudo umount /mnt/cifs_windows
Add a new File System Endpoint in the CIC (for source directory)
These steps take place from the Network > Endpoints page in the CIC.
- Create a File System Endpoint and select the newly created Access Point (described above).
- Edit the Access Point path by clicking the
button, and enter the UNC path.
For example:
/mnt/cifs_windows/source/
- After entering the UNC path: click Go, Select, and then Save.
Add a new File System Endpoint in the CIC (for destination directory)
These steps take place from the Network > Endpoints page in the CIC.
- Create a File System Endpoint and select the newly created Access Point (described above).
- Edit the Access Point path by clicking the
button, and enter the UNC path.
For example:
/mnt/cifs_windows/dest/
- Once entered, click Go, Select, and then Save.
Setting up Dataflows
Proceed with setting up dataflows to utilize the newly created endpoints.
Regarding VPNs
CIC itself is unaware of VPN connections, but the CIC Agent can be used with a VPN if the network directories are only reachable by a VPN. The VPN connection must be turned on and operational in order for the CIC Agent to use it. It is recommended to use IP address in place of domain names, if possible, to help alleviate DNS issues related to VPN connectivity.
Comments
0 comments
Please sign in to leave a comment.