Openfiler is an amazing turnkey open source storage appliance that offers just about everything necessary to meet your Network Attached Storage (NAS) and Storage Attached Network (SAN) needs. It does CIFS, NFS, HTTP, iSCSI, and FC, and it offers high availability, failover, block replication, web-based management, and more.
But before you can do anything with Openfiler, you must set up either LDAP or Active Directory; without either of these working, Openfiler will have no way of creating (or authenticating to) accounts. Without accounts, the NAS/SAN is useless. Fortunately, Openfiler saw to it to add LDAP to the appliance; this means you don’t need to have a separate authentication server–you can set up LDAP and run it locally.
I’ll show you how to set up local LDAP. I assume you already have the Openfiler appliance up and running and have your admin login credentials.
Clearing and rebuilding LDAP
After logging into Openfiler, the first thing you must do is clear LDAP. To do this, click the Services tab in the main interface and then click LDAP Setup in the Services Section (right-hand navigation – Figure A).
The Services Section menu.
In the resulting window, scroll down, and click Clear LDAP (Figure B). When prompted, click Yes to continue with the process.
Clearing out all files associated with the LDAP directory.
Now that LDAP has cleared, you have to rebuild the LDAP directory–this will fix any/all errors in the LDAP directory. Within the Services tab, scroll down and click the Rebuild LDAP button (Figure C).
Rebuilding the LDAP directory will make LDAP useable again.
Now it’s time to set up LDAP for Openfiler. Click the Accounts tab in the main window. Check the box for Use LDAP, and then check the box for Local LDAP server. Below that (Figure D), configure as such:
- Server: 127.0.0.1
- Base DN: dc=openfiler,dc=local
- Root Bind DN: cn=Manager,dc=openfiler,dc=local
- Root Bind Password: password
- Login SMB Server To Root DN: Checked
- Allow User To Change Password: Checked
Setting up the local LDAP server.
Click Submit at the bottom of the page, and then click the Services tab to see that LDAP is running (Figure E).
LDAP is now running.
You’re ready to start creating groups and accounts.
Creating groups and accounts
Click the Accounts tab and then click Administration (in the right navigation). From this window (Figure F), you can add groups and users to the LDAP server with ease. Openfiler can now be used to meet or even possibly exceed your SAN or NAS needs.
It is now possible to add groups and users so that Openfiler can function.
LDAP and NAS/SAN made easy
Yes, LDAP can be configured without having to lose sleep, hair, and friends. Openfiler has taken much of the headache out of setting up an authentication server for its turnkey NAS/SAN solution, so you can focus your energy on creating a solid storage server.