Local user authentication for SMB and FTP users

File Service Administration Guide for Hitachi NAS Platform

Part Number

Local User Authentication can be used by the NAS server to authenticate SMB and FTP users without reference, even indirectly, to an external source of authentication, like Kerberos or a Domain Controller. Users and passwords are configured and managed via the command line.

There is support for both NTLMv1 and all types of NTLMv2 authentication. The feature is available automatically and requires no license. It may be left un-configured with no effect. All configuration and management is performed via CLI, using a family of commands with the local-password- prefix. The commands share a common manual page.

There is no NAS Manager interface, and standard tools such as Microsoft Management Console are not supported. There is no way of importing passwords from another source, such as NIS, LDAP, Active Directory or /etc/passwd files. No check is made of password strength and no password expiry is enforced. There is no supported, secure method for transferring local passwords between EVSs. When switching from a cluster-wide configuration to per-EVS, local password settings are not cloned.

Note: Although the NAS server supports both NTLM1 and NTLM2, it only supports the use of FTP with NTLM1. NTLM2 in FTP is not supported.