SMB access to CompFlu data

SMB server

For the Linux machines of the cluster (servers, workstations, login node, compute nodes), access to the storage directories /{data,home}-{er,nbg} is handled by NFS.

Access to these directories from machines that are not integrated into Qlustar must necessarily be more complicated and/or less flexible.

To still make this possible, we operate a server for access to the data and home directories, working in an OS-agnostic fashion via SMB (Windows network shares): 

SMB server: \\ws.iek.kfa-juelich.de
SMB shares: \\ws.iek.kfa-juelich.de\home-er
            \\ws.iek.kfa-juelich.de\data-er
            \\ws.iek.kfa-juelich.de\home-nbg
            \\ws.iek.kfa-juelich.de\data-nbg

Credentials

For technical reasons, SMB servers cannot directly use standard Linux LDAP for authentication, hence we cannot have a 1:1 mapping of cluster users to storage access. We do have a dedicated user account for authentication to the SMB server instead: 

SMB username: hiern-compflu
SMB password:

This is most useful if you only need read access.

Writing, however, create conflicts with Linux filesystem permissions, which need chmod and chown orgies to resolve. If you need write access regularly, we can link your Qlustar account to a dedicated SMB password (it cannot be automatically synchronised with your standard FZJ credentials).

Access to Network shares

The SMB server is accessible from JuNet. This makes it easy to access the shares via cable network and VPN. The server is not open to the internet, including Eduroam WiFi.

  • Windows, Linux/GUI file manager: Add a network drive for the desired share. For Windows machines in the FZJAD (e. g. standard laptops), prepend your user name \j.doe with a backslash.
  • Linux/commandline: smbclient -U hiern-compflu //ws.iek.kfa-juelich.de/data-er (or similar)
  • MacOS: Finder menu → Go → Connect to Server… smb://ws.iek.kfa-juelich.de → Enter credentials → Select share
  • When you write files via SMB, the changes will be executed with the permissions of the user hiern-compflu. It is member of the group hi-ern, but still might not have write permissions to your home/data directories. When in doubt, a chmod g+w /data-er/j.doe/data-directory-I-want-to-write-into from the Linux commandline might be necessary.

Technicalities on the server side

  • compflu/backstage/smb-access.txt
  • Last modified: 2023-09-18 15:51
  • by j.hielscher