I have some Linux servers that I’d like to talk to my Windows Server 2012R2 file server.
Since I’d like daemons, rather than users, to be able to communicate with the server, I thought this would be a good candidate for NFS.
Linux Side (1st round)
(I’m using Centos, but the general concept will apply to Fedora, Ubuntu, etc.)
Install the daemons that will access the file server. Most of these will create their own users.
Create any additional users you would like to be able to access the file server. You can always add more later.
To save some complexity (and not assume you pay for Active Directory), I’m not going to have my file server look up Linux IDs via Active Directory. Instead, I’m going to use flat passwd and group files, just like Linux.
Copy (via SSH, USB, copy/paste, whatever) the passwd and group files from /etc/ over to your Windows server.
You can delete all of the entries for users/groups that will not be accessing the share.
Copy the the passwd and group files to:
Create users (and groups) on your server with the same user name / group name as you created on your Linux server.
UPDATE: Make sure you set the Windows users to never have their passwords expire if they are service accounts. If they do, the users will lose access to the shares via NFS when the password expires.
The passwd and group files serve as a map between the user/group IDs in Linux and the user/group names in Windows.
Install Server for NFS on the Windows server.
Server Manager->Manage->Add Roles and Features
Next->Next->etc. until installed.
Browse to the folder on your file server you are looking to share.
Right click on it and choose Properties
Go to the NFS Sharing tab
Click the “Manage NFS Sharing” button
Check the “Share this folder” check box.
The only other change I make here is to uncheck the “Enable unmapped user access” option so that only users in the passwd file we copied over will have access to the server.
Next, click on the Permissions button at the bottom
I like to set “All Machines” to be no access, that way only the servers I specify will be able to mount the share.
Click the “Add…” button.
In the “Add Names:” box, enter the IP address of your Linux server.
Make sure Type of Access is set to the type you are looking for.
I prefer to leave “Allow root access” unchecked for a bit more security.
Press OK, OK, Close
If everything worked, the folder icon should now look like this:
Using the security tab, assign NTFS permission to the folder for the users you would like to be able to read/write to that folder, just as you would if it were an SMB share.
Linux Side (2nd Round)
Install the NFS client and enable (make start on boot) and start the services.
sudo yum -y install nfs-utils
sudo systemctl enable rpcbind
sudo systemctl enable nfs-server
sudo systemctl enable nfs-lock
sudo systemctl enable nfs-idmap
sudo systemctl start rpcbind
sudo systemctl start nfs-server
sudo systemctl start nfs-lock
sudo systemctl start nfs-idmap
Create a folder that will be used as the mount point for the file server, aka: Where do I go to get to the files on the file server.
I was really hoping to find a definitive “this is where to mount nfs shares” article, but some Binging around came up with nothing.
I will therefore advise you create a folder under /mnt, as that feels right to me.
sudo mkdir -p /mnt/[server name]/[share name]
It’s finally time to give the share a test.
sudo mount -t nfs [server name or ip]:/[nfs share name] /mnt/[server name]/[share name]
Make sure you are logged in as a user with permission to that folder and cd into it:
cd /mnt/[server name]/[share name]
You should now be able to create files and folders! (which will of course be visible on the file server as well)
The final step is to have the server automatically mount the share on boot.
sudo nano /etc/fstab
Add a line similar to:
[server dns name or ip]:/[share name] /mnt/[file server name]/[share] nfs defaults 0 0
Give the server a reboot to test automatic mounting
sudo shutdown -r now
When you reboot, the share should be mounted and all is good in the world!
PS: If you are using this for transmission-daemon (which I’m assuming you’re using for legitimate purposes), make sure you edit your settings.json file and set umask=0, otherwise transmission will create folders that it cannot create files in.