IBM COS FA Gateway Administrator Guide
IBM COS FA Gateway Administrator Guide
IBM COS FA Gateway Administrator Guide
ADMINISTRATOR GUIDE
This edition applies to IBM COS FA Gateway Administrator Guide and is valid until replaced by new editions.
© Copyright International Business Machines Corporation 2020.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM
Corp.
CONTENTS
Logging in
Each time you connect to the interface your browser displays the Log In page:
1 Enter your user name and password for accessing the IBM COS FA Gateway.
The admin user is defined as part of the initial setup immediately after installation. All other users
are added by the administrator, as described in Adding and Editing Users. For details of the initial
setup, see the IBM COS FA Gateway Setup Guide.
Note: When the IBM COS FA Gateway connected to Active Directory, the user name to log in can
be the user name or the Active Directory UPN (user principal name).
2 Click Log In.
As a member of the Administrators or Read Only Administrators user groups, the
CONFIGURATION tab's Main > Home page opens, displaying shortcuts to pages of the IBM COS
FA Gateway user interface.
The IBM COS FA Gateway user interface consists of the following elements:
• Across the top of the user interface the following tabs are available:
FILES tab – Enables you to view and manage the files and folders on the IBM COS FA Gateway.
CONFIGURATION tab – Enables you to perform configuration tasks.
• The central portion of the user interface displays the content for the selected tab.
• Across the bottom of the user interface the following information is displayed:
• The model number and name of the IBM COS FA Gateway is displayed on the left.
• Your user name. Clicking the user name displays a drop-down menu with the following
options:
Log out – log out of the IBM COS FA Gateway.
Change Password – Change the password to access the IBM COS FA Gateway with the current
user. The password must be at least eight characters and must include at least a letter, digit and
special character, such as ~, @, #, $ , %, ^, & , (.
Help – Open the online help for the IBM COS FA Gateway in a new tab.
• Menu for restarting and shutting down the IBM COS FA Gateway.
• The firmware version.
FILES Tab
Use the FILES tab to manage folders and files on the IBM COS FA Gateway.
Note: You can also map to the folders and files from your file manager instead of using the FILES tab.
CONFIGURATION Tab
Use the CONFIGURATION tab to configure the IBM COS FA Gateway.
When viewing the cloud drive synchronization folder (root/cloud), each file is marked with an icon
indicating its current synchronization status:
– Folders or files that are in sync.
– Files that are currently synchronizing.
– Files that are stubs.
In Details view, the icon is displayed in the Sync Status column. In Large view, the icon is
displayed over the file or folder.
2 In the right pane, select the file or folder.
The selected item's details appear at the bottom of the right pane.
If the right pane is in Details view, the file and folder details are displayed in the table, as well.
To view the folder structure from a file manager:
• Use the following address to access the folders and files from a file manager, for example, Windows
File Explorer or Mac Finder: \\IBM_COS_FA_Gateway_Ip\cloud.
where IBM_COS_FA_Gateway_Ip is the IP address of the IBM COS FA Gateway.
When accessing the IBM COS FA Gateway from a Mac machine you need to following the
procedure in Accessing an IBM COS FA Gateway From a Mac.
Note: The IBM COS FA Gateway user interface is case sensitive, so file and folder names with the
same characters, but different cases, such as MYFOLDER, MyFolder and myfolder are different
folders. When connecting to the IBM COS FA Gateway using Windows File Sharing, SMB
protocol, which is not case-sensitive, these folders or files are treated as having the same name.
Uploading Files
To upload files:
1 In the FILES tab, in the Show Shares view, navigate to the folder.
2 In the right pane, click Upload.
The Upload files window is displayed.
To overwrite the file with the file on your computer, select the Overwrite option and click OK. Click
Close.
To clear the list of completed uploads:
• In the Upload files window, click Clear Completed.
To cancel an upload:
• In the Upload files window, select the upload you want to cancel, and click Cancel.
In this chapter
• Viewing IBM COS FA Gateway Details
• Setting a Name and Location to Identify the IBM COS FA Gateway
• Setting the IBM COS FA Gateway Time and Date
• Configuring the User Interface Language
• Configuring Proxy Settings
• Enabling Remote Access to the IBM COS FA Gateway
• Saving IBM COS FA Gateway Settings
• Changing the IBM COS FA Gateway License
Setting up the IBM COS FA Gateway storage and users is described in Storage Setup and Adding and
Editing Users, if this was not done during the initial IBM COS FA Gateway set up, as described in the
IBM COS FA Gateway Setup Guide. Configuring the IBM COS FA Gateway for caching is described in
Setting Up the IBM COS FA Gateway For Caching.
check box.
5 Click Next.
• If you chose to synchronize the IBM COS FA Gateway with a time server, the Time Server
Settings window is displayed with a list of time servers with which the IBM COS FA Gateway
will synchronize time and date settings.
To add a time server to the list, enter the server's URL in the provided field, and then click Add.
To remove a time server from the list, click for the server to remove.
• If you chose to manually configure time and date settings on the IBM COS FA Gateway, the
Adjust Date & Time window is displayed.
Do the following:
i In the Date field, type the current date, or click to select the date from a calendar.
ii In the Time drop-down list, select the current time.
iii Click Next and then Finish.
2 Click Settings.
The Network Configuration window is displayed.
2 Slide the on/off lever to the On position to turn on remote access, or to the Off position to disable
remote access.
A link to the remote management page is displayed. Use this URL for remote access to the IBM COS FA
Gateway.
2 Click Export.
The IBM COS FA Gateway configuration is exported to an XML file in your computer's download
folder.
Note: For security reasons, all passwords are stored in an encrypted format. However, the export
file information is sensitive and it is therefore recommended that you keep it in a safe place.
The Configuration Import wizard opens, displaying the Configuration Import window.
3 Click Upload and browse to the desired configuration file and click Open.
The configuration file is imported.
When the upload is complete, the Configuration Import Completed screen is displayed.
If any errors occurred during the import, they are displayed.
4 Click Finish.
You can create an array to combine your drives into a larger pool of storage, set up redundancy between
drives, and/or increase performance. Once you've set up an array, you can create volumes, which are
logical units of storage.
You can define additional virtual disks for an IBM COS FA Gateway and create RAIDs for these disks
using the ESXi software. The IBM COS FA Gateway supports the definition of up to 16 virtual disks.
Depending on your license, it is possible to enlarge the virtual disks.
In this chapter
• Storage Setup
• Managing Arrays
• Managing Volumes
STORAGE SETUP
You store the IBM COS FA Gateway data on volumes. You can create arrays to combine multiple disk
drives and then create volumes or create volumes per disk.
Automatically Creating an Array and Volume Using the Storage Setup Wizard
When automatically creating an array and volume, the array is simple unification of all the drives with
the combined capacity of all the drives (JBOD).
To setup the IBM COS FA Gateway storage using the Storage Setup Wizard:
1 In the CONFIGURATION tab, select Storage > Arrays or Storage > Volumes in the navigation
pane and click Storage Setup Wizard.
A Format link is displayed if there is data on the drive. If there is no data on the drive, the drive's
status is Empty and the drive is formatted automatically. Clicking Format and then Yes to confirm,
formats the drive and erases all the data on the drive.
Warning: Formatting erases all data on the drive.
2 Click Next and then click Finish in the Wizard Completed screen.
2 Click New.
The Select drives to join this array wizard is displayed, which shows you all drives available and
asks you to select drives to join the new array.
For every drive, you can see the type of the drive and the capacity in GB.
3 Check the Member box for each drive you want to include in the array.
Note: You cannot include a hard drive that does not support SCT Error Recovery Control in the
array.
4 Click Next and then select the type of array you want to create.
Linear Concatenation (JBOD) – A simple unifying of all the drives with the combined capacity of
all the drives.
RAID0 (Striped) – Combines the capacity of the drives and increases the read and write speed
using striping.
5 For RAID0, specify the RAID Stripe Size.
The size of blocks that data is divided into when it is written to the array and distributed across the
drives. Reading and writing large data files sequentially generally benefits from a large stripe size.
Small random reads and writes generally benefit from a smaller stripe size. The default value is 64K.
6 Click Next and enter a name for the array.
7 Click Next.
8 To immediately create a volume on the array, select the I wish to create a logical volume on this
storage array check box.
9 Click Finish.
If you checked the box in step 8, you can proceed to create a volume. For details, see Creating and
Editing Volumes.
MANAGING ARRAYS
Modifying and Expanding Arrays
To make any changes to an array, for example, expanding the array after adding new disks, click its
name in the Arrays page and then proceed through the wizard, as for creating a new array. For details
see Increasing Storage On an IBM COS FA Gateway Volume.
After expanding an array, the added disk space can be used to increase volume sizes. For details, see
Enlarging a Volume.
Deleting Arrays
Warning: Deleting an array will result in the loss of all existing data on the array.
To delete an array, select the array, and then click Delete. Click Yes to confirm.
MANAGING VOLUMES
Volumes are logical partitions on your IBM COS FA Gateway that users can access. You create a NAS
volume and the IBM COS FA Gateway acts as a files server for NAS volumes which can be accessed
using any of the supported file sharing protocols.
The IBM COS FA Gateway supports XFS file systems. XFS volumes cannot be shrunk. IBM recommends
starting with the required storage and then increasing the storage when using XFS rather than starting
with a large storage which cannot be decreased.
If a volume was not created when the IBM COS FA Gateway was installed, the page is empty.
2 Click New or select the volume to edit and click Edit.
The Specify Volume Details screen is displayed.
Storage Device – Either an array on which to create the volume or a drive that is not part of an array.
The size of each array and drive is shown in brackets.
Volume Size – You can either drag the slider or enter a number of GB. IBM recommends that the
volume is as large as possible.
Enforce storage quotas – For information about activating this feature, contact IBM.
3 Click Next.
For details about activating volume encryption, contact IBM.
4 Click Next and name the volume.
Enlarging a Volume
When the volume defined in the IBM COS FA Gateway does not use all the available storage, you can
enlarge the volume size.
Note: When the volume defined in the IBM COS FA Gateway uses all the available storage, see
Increasing Storage On an IBM COS FA Gateway Volume.
To enlarge a volume:
1 Log on to the IBM COS FA Gateway as an administrator.
2 In the CONFIGURATION tab, select Storage > Volumes in the navigation pane.
The Volumes page is displayed.
3 Select the volume and click Edit.
If the selected disk storage is fully used, the following screen is displayed:
Deleting Volumes
To delete a volume, select the volume and click Delete and then Yes to confirm.
Warning: During the scanning process, the volume is taken off line. Do not turn off the IBM COS FA
Gateway while the volume is being scanned.
3 Optionally, configure the settings for the repair operation.
4 Click Next.
While the files system on the volume is scanned for errors, the Scanning & Repairing screen
displays a progress bar, including what is being check, such as inodes, blocks and sizes and group
summary information.
When the process is complete, the Repair Complete screen displays a list of files system errors that
were corrected.
5 Click Finish.
In this chapter
• Adding and Editing Users
• Adding Users to User Groups
• Viewing Users
• Exporting Users
• Exporting Users
• Allocating User Quotas
• Deleting Users
• Managing User Groups
• Deleting User Groups
5 In the Username and Password fields, type the domain administrator's username and password.
6 Optionally, In the Organizational Unit field, type the name of the organizational unit within the
Active Directory domain.
7 Click Next and then Finish.
To define IBM COS FA Gateway users from for an Active Directory tree or forest:
1 After setting up the Active Directory domain, in the Windows File Sharing page, in the
Domain/Workgroup area, click the Advanced Mappings link.
The UID/GID Mapping window is displayed.
2 For each domain in the tree/forest displayed in the list of domains, do the following:
a In the Add domain field, either type the desired domain's name, or select it from the
drop-down list.
b Click Add.
The domain is displayed in the table.
c Click in the UID/GID Start field, and type the starting number in the range of IBM COS FA
Gateway user and group IDs (UID/GID) that should be assigned to users and user groups from
this domain.
d Click in the UID/GID End field, and type the ending number in the range of IBM COS FA
Gateway user and group IDs (UID/GID) that should be assigned to users and user groups from
this domain.
3 To re-order the domains, do any of the following:
• To move a domain up in the table, click on the desired domain, then click Move Up.
• To move a domain down in the table, click on the desired domain, then click Move Down.
The order in which domains appear in the table represents the order in which the domains will
appear in drop-down lists throughout the IBM COS FA Gateway interface, for example, when
managing access rights to projects.
Note: After running a migration, a new Migration Tool Service Admin Account administrator
is automatically added: migration-service-n, where n is a unique identifier. You must
not delete this administrator.
2 To add a user, click New.
Or,
To edit a user, either click the user name or select the user row and click Edit.
The Specify User Details window is displayed. If you are editing an existing user, the window is
displayed with the user details.
VIEWING USERS
To view existing users:
1 In the CONFIGURATION tab, select Users > Users in the navigation pane.
The Users page opens, displaying all local users.
2 To display domain users, in the Local Users drop-down list, select Domain domain Users, where
EXPORTING USERS
You can export a list of users and their details to a Comma-Separated Values (CSV) file on your
computer. You can then view the file as a worksheet in Microsoft Excel.
To export a list of users:
1 In the CONFIGURATION tab, select Users > Users in the navigation pane.
The Users page is displayed.
2 Click Export to Excel. You are asked if you would like to save the file or open the file in Microsoft
Excel.
Note: The Export to Excel option is in the line of options: New, Edit, Delete, User Quotas and
Export to Excel. If it is not displayed, click the three vertical dots or widen the browser
window.
The users list is exported.
DELETING USERS
Note: You cannot delete the main administrator account.
To delete a user:
1 In the CONFIGURATION tab, select Users > Users in the navigation pane.
2 Select the user row and click Delete.
Note: The Delete option is in the line of options: New, Edit, Delete, User Quotas and Export to
Excel. If it is not displayed, click the three vertical dots or widen the browser window.
3 Click Yes to confirm.
The user is deleted.
To edit a group, either click the group name or select the group row and click Edit.
The Specify Group Name window is displayed. If you are editing an existing group, the window
is displayed with the group details.
Note: You cannot edit the Administrators and Read Only Administrators group names or
descriptions.
3 Specify the group name and optionally, other details.
4 Click Next and select the group members.
In this chapter
• Connecting to an IBM COS FA Portal
• Viewing Cloud Services Status
• Reconnecting and Disconnecting to an IBM COS FA Portal
• Accessing the IBM COS FA Portal From the IBM COS FA Gateway
• Setting Up the IBM COS FA Gateway For Caching
• Pinning Folders so that Files are Always Available Locally
• What the User Sees With an IBM COS FA Gateway
• Managing the IBM COS FA Gateway
• Accessing Previous File Versions
• Searching for Files on a Mac Computer
3 Enter the address of your IBM COS FA Portal, and then click Next.
The Sign In screen is displayed.
4 Enter the IBM COS FA Portal designated user username and password to access the IBM COS FA
Portal.
Note: The designated user is the an owner of the cloud folders and data to manage the IBM COS
FA Gateway connection to the IBM COS FA Portal for all users and not just the current user.
This designated user has IBM COS FA Portal read/write administrator permissions.
5 Click Next.
The Select License screen is displayed.
6 If required, select the license.
7 Click Next.
Your IBM COS FA Gateway connects to the IBM COS FA Portal and is added to your IBM COS FA
Portal account.
A success screen is displayed.
8 Click Finish.
The IBM Cloud Object Storage File Access Portal page is displayed, showing that your IBM COS
FA Gateway is connected to the IBM COS FA Portal and displays OK next to the services to which
you are subscribed.
After connecting to an IBM COS FA Portal the IBM COS FA Gateway status panel shows the following:
• The status of the connection to the IBM COS FA Portal can be one of the following:
Resolving the portal address – The IBM COS FA Gateway is resolving the IBM COS FA Portal
address.
Connected to portalName – The IBM COS FA Gateway is connected to the IBM COS FA Portal
named portalName, and the connection is currently in use.
Connecting – The IBM COS FA Gateway is connecting to the IBM COS FA Portal.
Disconnected – The IBM COS FA Gateway is disconnected from the IBM COS FA Portal. You can
reconnect as described in Reconnecting and Disconnecting to an IBM COS FA Portal.
Authenticating – The IBM COS FA Gateway is authenticating to the IBM COS FA Portal.
Connection Failed – The connection to the IBM COS FA Portal failed.
• The amount of time that the IBM COS FA Gateway has been connected to the IBM COS FA Portal.
• The IP address of the IBM COS FA Portal.
2 Click Sign out and Yes when the confirmation message is displayed.
ACCESSING THE IBM COS FA PORTAL FROM THE IBM COS FA GATEWAY
To access your IBM COS FA Portal account:
1 In the CONFIGURATION tab, select Cloud Services > Status in the navigation pane.
The IBM Cloud Object Storage File Access Portal page is displayed.
attempts to access the folder a message similar to the following is displayed: You have no
permission to view this folder.
• Do you need to maintain the file structure, but not the ACLs, after migrating the data to an IBM COS
FA Gateway?
In this case, the setup should be done using nested shares.
Access to files is determined by the authorization levels set in the IBM COS FA Portal, such as
Read/Write or Preview Only.
IBM recommends whenever possible to set up the IBM COS FA Gateway using nested shares.
Eviction
low watermark
Cache Additional
capacity for
Area write bursts
Eviction
high watermark
Capacity
Time
If the available free space does become too small, throttling is implemented so that users can continue
to write to their files, but the client's write speed is reduced to WAN speed so that the data being written
is not faster than the data that is evicted to the cloud.
This type of scenario is not usual, except during a migration or a large amount of data or a very heavy
write burst, using all the 25% storage space reserved for write bursts.
What Files are Not Synced From the IBM COS FA Portal?
Temporary files on the IBM COS FA Portal are not synced to the IBM COS FA Gateway. The following
are not synced:
• Files that begin with ~$,tmp or ._
• Files of type tmp, temp, swp, dwl, or dwl2
• Files named desktop.ini, Thumbs.db, .DS_Store, ._.DS_Store, CredDB.cef,
.AppleDouble, .AppleSingle or .Parent
• Files that end with Zone.Identifier
Note: Windows ACL enabled folders on the IBM COS FA Portal cannot be synced unless the share is
defined as Windows ACL Emulation Mode, as described in Configuring IBM COS FA
Gateway Shares.
c In the Domain/Group section, verify that the Operation Mode is Domain and that the Status
is OK, otherwise, click Connect to Domain/Workgroup to connect to an LDAP-based
authentication service such as an Active Directory domain.
To work with Windows ACL, you must change the sharing protocol to Windows ACL Emulation
Mode. Windows ACL enabled folders on the IBM COS FA Portal cannot be synced unless the cloud
share is defined as Windows ACL Emulation Mode.
To configuring IBM COS FA Gateway shares with ACL support:
1 In the CONFIGURATION tab, select Share > Shares in the navigation pane.
2 Click the cloud share that was automatically created when it synced to the IBM COS FA Portal.
The Select a Folder to Share wizard opens, displaying the volumes and folders on the IBM COS FA
Gateway.
Users access the shared files and folders through standard Windows client computers; for example,
using Windows Explorer through the SMB access provided by the IBM COS FA Gateway.
Windows ACL Emulation Mode also allows you to block users from writing specific file types into
the IBM COS FA Gateway share or gaining control of the content located on it.
6 Click Next and in the Configure Permissions window specify the share permissions.
Note: These permissions are not inherited from the IBM COS FA Portal.
7 Click Next and then click Finish.
8 Repeat step 3 for all the shares you want to work with Windows ACLs.
The nested shares are displayed in the Network Shares page.
Users can access there files directly with SMB by mapping the share name from step 4 in the file
manager.
Note: The public share is a default share created by IBM COS FA Gateway. This share can be hidden
from end users by editing the share and adding a dollar ($) symbol at the end of the name. If
you want, you can delete the public share.
Another share, PreviousVersions, is also a default share created by IBM COS FA Gateway,
allowing access to cloud snapshots. To hide this share from end users you need to uncheck the
Allow users to browse previous versions of their files option in Share > Shares > Advanced.
You can achieve the nested sharing without imposing Windows ACLs.
To configuring IBM COS FA Gateway shares without ACL support:
1 When configuring the IBM COS FA Portal, on each cloud drive folder group that you do not want
ACL support, uncheck Enable Windows ACLs.
2 When configuring the IBM COS FA Gateway, described in To configuring IBM COS FA Gateway
shares with ACL support:, set Only Authenticated Users and not Windows ACL Emulation Mode,
set in step 5.
Note: When accessing the IBM COS FA Gateway from a Mac machine you need to following the
procedure in Accessing an IBM COS FA Gateway From a Mac.
Or,
a Log in to the IBM COS FA Gateway. Your user name must match your IBM COS FA Portal user
name.
b Select the FILES tab and navigate to the cloud share. You can also access those files using any
of the file sharing protocols.
c The folders and files stored in the cloud share are synced from your IBM COS FA Portal cloud
drive.
When no throttling rules are defined, there is no speed restriction for uploading files to the Cloud
Drive for syncing.
3 Click Add throttling rule.
4 Define the following for the throttling rule:
Out Speed Limit (kb/s) – The maximum speed to use for cloud drive sync upload in Kbits per
second.
Start at – Specify the time when the bandwidth limit used for cloud drive sync upload starts.
End at – Specify the time when the bandwidth limit used for cloud drive sync upload ends.
When the end time is before the start time, the end time is the next day.
Days – Specify that the bandwidth used for cloud drive sync upload should be restricted every
day (the default) or only on specified days.
Note: A maximum of 50 rules can be defined.
When the start and end times for more than one rule overlap, the order of the rules in the
list determines how they are implemented with the rule ate the top of the list implemented
first. Use Move Down and Move Up to change the order the rules are listed.
COS FA Gateway.
• The read and write rates between the clients and the IBM COS FA Gateway over time.
To display statistics:
1 In the CONFIGURATION tab, select Cloud Drive > Cloud Drive in the navigation pane.
2 Click Show Statistics.
A new browser window is displayed with the IBM COS FA Portal sign in page.
3 Login to the IBM COS FA Portal and the statistics are displayed.
The following shows the statistics for an IBM COS FA Gateway.
4 Select the action for the file version. The options include:
Download – Download the file to your local machine.
Preview – If a preview of the file is possible, this option is displayed.
Restore – Restore the version. If a version of the file exists, the following screen is displayed:
In this chapter
• Network Sharing Protocols
• Managing Network Shares
• Accessing Network Shares
• Modifying Advanced File Sharing Settings
To make any local folder accessible to other IBM COS FA Gateway requires the following basic steps:
1 Assign the user a IBM COS FA Gateway user account. See Managing IBM COS FA Gateway Users.
2 Configure the relevant protocol (Windows File Sharing, NFS) that you want your users to use to
access the files. See Network Sharing Protocols.
3 Make a network share on the folder you want to share. See Managing Network Shares.
4 Provide access to the share. See Accessing Network Shares.
End users who are familiar with a given folder structure and shares, as well as a given permission
scheme, while using the Windows file server, continue to see the same folder structure, shares, and
permission scheme after migration to the IBM COS FA Gateway. This enables the migration from a
current Windows Server-based file system to a IBM COS FA Gateway, without the need to apply any
structural changes such as flattening the folder structure or simplifying the permissions scheme. The
migration is entirely transparent to the end user.
Transition of the mapped network drives and share names available on the Windows client from the
Windows file server location to the IBM COS FA Gateway location is performed seamlessly using AD
GPO capabilities.
File and folder access continue to be available following the migration in the same way they were in the
Windows Server-based file system. Access after the migration is through the SMB access provided by
the IBM COS FA Gateway.
Users continue to access the files and folders through standard Windows client computers; for example,
using Windows Explorer. You can manage and change permissions by right-clicking a file or folder and
selecting Properties and then the Security tab, just like over a Windows File server.
To set up shares in the IBM COS FA Gateway with NT ACL permissions, you need to do the following:
• Set up the users that will access the file system. IBM recommends taking the users from your Active
Directory. For more details, see Configuring Windows File Sharing for Active Directory.
• Set up the share with ACL emulation in the IBM COS FA Gateway. For more details, see Managing
Network Shares.
• Copy the files from the Windows File Server. For more details, see Copying Files From an External
File Server to the IBM COS FA Gateway.
Where:
Enable SMB (Windows File Sharing) – Enable or disable Windows file sharing. If Windows file
sharing is disabled, Windows shared folders, defined via Share > Shares, as described in Managing
Network Shares, are no longer accessible.
Packet Signing – Whether SMB packet signing is required or not, or whether it is dependent on the
agreement of the client.
Client Idle Disconnect Time (minutes) – The amount of time in minutes after which a client should
be disconnected, if the connection is idle. There is usually no need to change this setting. The default
is 10 minutes.
Use compatibility mode – Enable access by Windows versions 2000 or earlier. Enabling this option
reduces security.
Unix Extensions Mode – Enable clients running Unix-like operating systems (such as Linux and
Mac OS/X) to set permission masks for files using the chmod utility, over the SMB protocol.
Hide unreadable files and folders – Hide unreadable files or folders, or shares to which users do
not have access, when users access shares via Windows File Sharing.
2 Click Save to save the Windows File Sharing settings.
3 Specify the Domain/Workgroup information:
Assigned to – The name of an Active Directory domain or Windows workgroup to which the IBM
COS FA Gateway's Windows File Sharing service is connected.
Operation Mode – Whether the IBM COS FA Gateway's Windows File Sharing service is connected
to an Active Directory domain or to a Windows workgroup.
Status – The status of the connection to an Active Directory domain or Windows workgroup.
Advanced Mappings – When connected to an Active Directory domain. See Defining Users From
an Active Directory Domain, Tree or Forest.
3 Choose Workgroup, and then select the workgroup you want or else type the name of the
workgroup in the empty field.
Note: You must assign this same workgroup name to all of the computers in the network.
In most Windows versions, the default workgroup name is WORKGROUP.
The IBM COS FA Gateway automatically scans for available workgroups in the LAN. The
results of these scans can be selected from the Workgroup list.
4 Click Next and then click Finish.
3 Select the volume, folder, or subfolder on which you want to define the share.
• To create a new subfolder to select as a nested share, select the parent folder, click New Folder,
and then assign the subfolder a name.
• You can define nested shares based on subfolders within your own cloud drive, which are
available to users based on the permissions defined when creating the share. If the share has
NT ACL settings, these settings are applied to the nested share and to every share below this
share.
4 Click Next and then assign the network share a name.
5 Click Next and choose through which sharing protocols to expose this share.
Windows File Sharing is checked by default and cannot be deselected. From the drop-down, select
one of these access levels for the share:
• Only Authenticated Users. Users will be required to authenticate using their IBM COS FA
Gateway user name and password, in order to access the network share.
• Windows ACL Emulation Mode. The share will be a Windows ACL emulation mode share.
Users access the shared files and folders through standard Windows client computers; for
example, using Windows Explorer through the SMB access provided by the IBM COS FA
Gateway.
Windows ACL Emulation Mode also allows you to block users from writing specific file types
into the IBM COS FA Gateway share or gaining control of the content located on it.
To copy the files with their ACLs to the IBM COS FA Gateway, see Copying Files From an
External File Server to the IBM COS FA Gateway.
For more information, see Configuring Windows File Sharing.
Client Side Caching. Server files are designated for off-line work so that a copy of the files is cached
on the client computer and can be accessed when the client is off line in exactly the same way as if
they were stored on the Windows file server.
Manual caching for documents – Users must cache files manually.
Automatic caching for documents – A copy of the files is cached automatically.
Disabled – The client computer cannot cache files locally and the updated copy must be
retrieved from the file server.
6 Specify how you want to share the files.
FTP – For details about activating this feature, contact IBM.
Search – Users will be able to search for files in this share.
7 Click Next.
The NFS (UNIX File Sharing) window is displayed.
8 Check the Enable NFS Access option to enable NFS clients to access the share.
Either, click New to configure each client to which you want to grant access. A row is displayed in
the table:
a Enter the client's IP address and netmask in the appropriate fields.
b Select the permitted level of access to the network share via NFS. Options are None,
PreviewOnly, Read Only, or Read/Write.
Note: Preview Only permission prevents downloading, copying, or printing the file and
content cannot be synchronized for offline access. For full details, refer to the IBM COS
FA Portal Team Administrator Guide.
Or,
Click Remove and then select the client's IP address to remove the client from the list.
Note: The NFS mount path for the network share is specified at the top of the window.
9 Click Next and set which users can access this network share.
4 Click Next and continue with the wizard to create the new share or edit the existing share.
Copying Files From an External File Server to the IBM COS FA Gateway
Note: To copy a complete Windows or NetApp File Server by migrating it to an IBM COS FA
Gateway requires in-depth planning and should be done in conjunction with IBM COS FA
Gateway support. For details, see the IBM COS FA Gateway Setup Guide.
To copy individual shares from a Windows or NetApp File Server, use the following procedure.
To migrate shares to the IBM COS FA Gateway:
1 In the CONFIGURATION tab's Main > Home page, click File Server Migration.
The File Server Migration page is displayed.
2 Click + to create a new job.
The Create Job wizard is displayed showing the Task Type step.
4 Click Next.
The Connect step is displayed.
5 Enter the IP address or DNS name for the file server and an administrator user name and password
to access this server.
6 Click Next.
The Select Shares step is displayed.
8 You can select to migrate the data from the file server with the ACLs and specify when to start the
migration, either immediately or at a scheduled date and time.
If you are migrating during working hours, you can throttle the bandwidth used for the migration
so as not to adversely impact ongoing work.
9 Click Create.
After migrating all the shares, the job completes.
If needed, scroll to the end of the job for buttons to access the migration report and shares details.
• Optionally, click to export the migration log file to a .log text file.
12 Click to display the list of every time this job was run with the results of each run, including
the start and end times for the job, the number of files migrated and the total size of the migration,
access to the report and the ability to download the log, which provides information about the
migration and any errors that occurred during the migration.
13 Optionally, in the dashboard you can select a job and click to delete it.
After deleting a job, you can display all the jobs including the deleted jobs by clicking the Deleted
filter in the dashboard.
You can restore deleted jobs by selecting the deleted jobs to restore and clicking .
The share structure from the source is recreated on the IBM COS FA Gateway, including nested shares
and their permissions. If there are any recoverable errors during the copy process, retry the migration
for the failed shares.
Note: Only ACLs are migrated with the files. Extended attributes are not migrated. In the IBM COS
FA Gateway the shares are defined with Windows ACL Emulation Mode, as in the following
example.
Modifying Shares
Select the share and click Edit Share. Proceed as for defining a new network share. See Managing
Network Shares.
Removing Shares
Select the share, click Remove Share and then Yes to confirm. This removes the share from the volume
or folder it was defined on.
2 Click Advanced.
The Advanced file sharing settings window is displayed.
In this chapter
• Setting up Antivirus File Scanning
• Updating the Antivirus DAT File
• Managing Quarantined Files
• Antivirus Logs
2 Click Settings.
3 Make sure Check for Updates is checked and then set the update details.
You can set the scheduler to check for new DAT files daily, weekly or monthly. IBM recommends
keeping the default daily check.
You set the scheduler to access the antivirus provider to use the latest DAT file from the relevant
server, specifying the server address and path.
4 Click Save.
When the selected time The system checks for the latest DAT file to use when scanning files.
ANTIVIRUS LOGS
Log entries for the antivirus are part of the system log. The system log shows whether a file is in
quarantine or has been restored from quarantine.
To view logs:
1 In the CONFIGURATION tab, select Event Log > Log Viewer in the navigation pane,
The Event Log page is displayed.
2 Select System from the Select Topic drop-down list:
3 Optionally, change the minimum severity that is displayed. Ordered from most severe to least
severe:
– Error
– Warning
– Info
The System log displays the following details:
Date – The date and time at which the event occurred.
Details – A description of the event
More Info – Additional information about the event.
2 Click Settings.
The Network Configuration window is displayed.
you do not set all computers to the same MTU, you may lose connectivity to the IBM COS FA
Gateway.
To configure the Ethernet port settings:
1 In the CONFIGURATION tab, select System > Network in the navigation pane.
The Network page is displayed.
2 Click Settings.
The Network Configuration window is displayed.
2 Click Renew.
NETWORK DIAGNOSTICS
The IBM COS FA Gateway provides diagnostic tools directly through the user interface for network
troubleshooting:
ping – Tests the reachability of a host on the network.
DNS lookup – Queries the DNS.
traceroute – Displays the route packets across the network.
TCP Connect – Tests whether a specific TCP port is open.
Wake – Remotely awakens computers using the WoL (Wake on LAN) command.
To use network diagnostics:
1 In the CONFIGURATION tab, select System > Network in the navigation pane.
The Network page is displayed.
2 Click Diagnostics.
The Network Diagnostics window is displayed.
3 In the Diagnostic Tool field, select the tool you want to use.
The window changes to reflect the diagnostic test requested.
Ping – Tests the reachability of a host on the network.
DNS Lookup – Queries the DNS.
Wake – Remotely awakens computers using the WoL (Wake on LAN) command based on the MAC
address of the computer. For more details, see Remotely Awakening Computers.
iPerf – Measures the maximum achievable upload and download bandwidths using either TCP or
UDP.
where:
Address – The address of the computer to measure.
Port – The port to measure.
Threads – The number of threads to test the connection.
TCP or UDP – The protocol to measure.
Measure Upload or Measure Download – The direction to measure.
The following command is run: iperf -c {Address} -fM -m -i5 -t25 -p {Port}
if the number of threads is changed from the default, 1, the command is run with the -P flag with
the thread number. For example, iperf -c {Address} -fM -m -i5 -t25 -p {Port} -P 10
if UDP is specified, the command is run with the -u flag. For example:
iperf -c {Address} -fM -m -i5 -t25 -p {Port} -u
4 Enter the information required for the test, such as the IP address you want to ping.
5 Click Go.
The test results appear in the Network Diagnostics window.
6 Click Close when you have completed the diagnostic tests.
2 Click Diagnostics.
The Network Diagnostics window is displayed.
3 In the Network Diagnostics window, select Wake as the diagnostic tool.
4 Enter the device's MAC address.
5 Optionally, check Broadcast IP and enter an broadcast address for the broadcast.
6 Click Go.
7 An OK message is displayed when the device is awakened.
8 Click Close.
To view the Activity Monitor, in the CONFIGURATION tab, select Main > Activity in the navigation
pane.
Where:
PID – The process identifier.
Name – The process name.
RAM – The percentage of the RAM used by this process.
CPU – The percentage of CPU used by this process.
Threads Count – The number of threads spawned by the process.
The MIBs are stored on the SNMP server on the IBM COS FA Gateway. You can monitor the IBM COS
FA Gateway MIBs using a management tool, such as the tool from https://www.paessler.com/.
2 Check the SNMP Enabled check box to activate SNMP, and then configure the following settings:
SNMP Port – The default is TCP 161.
Read Community – Configure as Read-Only. The SNMP Read-Only Community String is like a
password. It is sent along with each SNMP Get-Request and allows or denies access to device.
Note: SNMP Engine ID is defined automatically based on the MAC address and cannot be
changed.
If you are using SNMP v3, check the Enable SNMPV3 check box, and then enter a user name and
password.
3 Click Save to save the settings and activate SNMP monitoring.
CONFIGURING LOGGING
The IBM COS FA Gateway contains an event log that displays the different actions on the IBM COS FA
Gateway. You can specify the location of the event log on the IBM COS FA Gateway. You can also
configure log settings, such as which types of logs to display in the user interface.
To view event logs, in the CONFIGURATION tab, select Event Log > Log Viewer in the navigation
pane. The Event Log page is displayed:
You can also configure the IBM COS FA Gateway to send logs to a syslog server. While the IBM COS
FA Gateway event log is limited by the amount of available storage space, a syslog server can store an
unlimited number of logs.
Note: Free syslog servers are available, such as Kiwi Syslog Daemon: http://www.kiwisyslog.com/.
VIEWING LOGS
To view logs:
1 In the CONFIGURATION tab, select Event Log > Log Viewer in the navigation pane,
The Event Log page is displayed.
2 Select the category you want to view from the Select Topic drop-down list:
System – General IBM COS FA Gateway events, including starting up, connecting to the network
and the IBM COS FA Portal, disconnecting from the network and the IBM COS FA Portal, and so on.
Cloud Sync – Events related to cloud drive synchronization operations.
Access – Events related to user access to the IBM COS FA Gateway.
Audit – Changes to the IBM COS FA Gateway configuration.
3 Optionally, change the minimum severity that is displayed. Ordered from most severe to least
severe:
– Error
– Warning
– Info
System Logs
The System log displays the following details:
Date – The date and time at which the event occurred.
Details – A description of the event
More Info – Additional information about the event.
Access Logs
The Access log displays the following details:
Date – The date and time at which the event occurred.
User – The user who triggered the event.
Protocol – The protocol used when triggering the event:
GUI
SMB (Windows File Sharing)
NFS
WebDAV
Details – A description of the event.
Client IP – The IP address from which the user triggered the event.
More Info – Additional information about the event.
Audit Logs
The Audit log displays the following details regarding the IBM COS FA Gateway:
Action – The action type, such as:
Added ( ) – An object was added to the IBM COS FA Gateway user interface.
Deleted ( ) – An object was deleted from the IBM COS FA Gateway user interface.
Modified ( ) – An object was modified.
Formatted ( ) – A disk was formatted.
Date – The date and time at which the event occurred.
User – The user who performed the action.
Type – The type of setting that was affected by the action. For example, if user JohnS was deleted, this
column displays Users.
Target – The object that was affected by the action. For example, if user JohnS was deleted, this column
displays JohnS.
More Info – Additional information about the event.
Filtering Logs
In any log category, you can filter the logs so that only those with a specific minimum log level are
displayed.
Note: For information on configuring the default minimum log level to display in all log pages, see
Configuring Event Log Settings.
To filter logs:
1 View the log category.
2 Click Minimum Severity and select from the list the minimum log level to display in this category.
For example, if you select Critical, then only Critical, Alert, and Emergency logs are displayed.
The logs are filtered accordingly.
Exporting Logs
You can export logs or log details for a specific event in any category to a Comma-Separated Values
(CSV) file on your computer. You can then view the file as a worksheet in Microsoft Excel.
To export logs in a log category:
1 In the CONFIGURATION tab, select Event Log > Log Viewer in the navigation pane,
The Event Log page is displayed.
1 Select the log topic.
2 Click Export to Excel.
Increasing a Volume Size When Additional Storage is Available for the Volume
To enlarge a volume in the IBM COS FA Gateway:
1 Log on to the IBM COS FA Gateway as an administrator.
2 In the CONFIGURATION tab, select Storage > Volumes in the navigation pane.
Increasing a Volume Size When Additional Storage is Not Available For the Volume
2 Click Settings.
3 To specify that the IBM COS FA Gateway should download and install firmware updates
automatically, click Download and install updates automatically.
If you do not select this option, you must perform firmware updates manually, as described in
Manually Upgrading the Firmware.
4 To specify that the IBM COS FA Gateway should automatically reboot after installing new
firmware updates, do the following:
a Click Restart automatically after installing new firmware.
b Specify when automatic rebooting should occur, by doing one of the following:
• To reboot as soon as possible after a firmware update, choose As soon as possible.
In this case, the IBM COS FA Gateway will reboot as soon as it is recommended to do so.
For example, the automatic reboot might be deferred, if the IBM COS FA Gateway is
undergoing system maintenance that should not be interrupted.
• To reboot only during specific hours, choose During these hours, then use the drop-down
lists to specify the desired time range.
If you do not enable automatic rebooting, then you will need to reboot the IBM COS FA Gateway
as described in Restarting the IBM COS FA Gateway, when this page indicates that a new update
has been installed.
5 Click Save.