Wiki‎ > ‎

Windows 8 NSF

posted Aug 12, 2016, 5:12 PM by Dong Xu   [ updated Aug 12, 2016, 5:48 PM ]
For v4 support, try UMich program http://www.citi.umich.edu/projects/nfsv4/windows/

In Windows 8.1 Enterprise, There are two parts... First installing the client and second mounting the drive...

Installing the client

  1. Go to Control Panel → Programs → Programs and Features
  2. Select: Turn Windows features on or off" from the left hand navigation.
  3. Scroll down to "Services for NFS" and click the "plus" on the left
  4. Check "Client for NFS"
  5. Select "Ok"
  6. Windows should install the client. Once the client package is install you will have the "mount" command available.

Mounting the export

This assumes the following:

  • You know and can ping the hostname of the machine with the NFS exports
  • The name of the exported filesystem ( eg. /export, /home/users, /some/cool/file/path )
  • The file systems are properly exported and accessible

    1. Open a command prompt. ( Win+ R, enter "cmd" and press OK )
    2. Type:

      mount \\{machinename}\{filesystem} {driveletter}
      

    Examples:

    mount \\filehost\home\users H:
    mount \\server1234\long\term\file\storage S:
    mount \\nas324\exports E:
    

...and that's the basics.

https://bluehatrecord.wordpress.com/2015/05/14/for-the-sake-of-nfs-installing-services-for-nfs-in-windows/

Configuring the software

One quickly sees that the Client for NFS software is intended for use in an organization which supports that client with Active Directory’s Identity Management for UNIX component (which extends the directory schema to allow for mapping Windows user and group identities to UNIX UIDs and GIDs) or a User Name Mapping service (which runs on Windows Server).  Using the client as a stand-alone solution for a personal network or even within an organization which doesn’t support the client with formal infrastructure is difficult.  You’d think simple, local UID/GID mapping would be supported, but it is not.

However, there is a means by which we can goad Windows into effectively allowing us to mount NFS shares on single-user systems.  The solution is no good for systems with multiple users (in fact, it’s a horrible security flaw, since the solution forces every user on the Windows system to access the NFS share using the same UID/GID).  Fortunately for me, I have just such a single-user system from which I’d like access to my NFS data.

The trick is to instruct the Client for NFS to use the intended UID/GID combination as its “anonymous” account values.  This way, you don’t instruct the system to conduct any mapping between your Windows identity and the proper UNIX identity, rather, you just tell it to always use the same UID/GID combination when connecting to NFS.  The means by which to do this is not well documented (surprise, surprise), but is accomplished by adding two DWORD values to a registry key which should already exist:

  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default
    • REG_DWORD:  “AnonymousGid”
    • REG_DWORD:  “AnonymousUid”

Within those two DWORD values, place the desired UID and GID.  Restart the Client for NFS service, and you should now be able to mount your NFS shares.

Now, if you need a more complex solution to allow multiple users on the same machine to properly map their Windows identities to UID and GID combinations, you can try AD LDS Identity Mapping.  The link there is a step-by-step guide to implementing a identity mapping solution using AD LDS which should work on Windows 8.1 Enterprise, I imagine, given that Windows 8.1 Enterprise does include the AD LDS feature.  I haven’t tried it, and you’ll want to secure this service properly (i.e. disallow any external connections to it), but give it a shot if you need it and let me know how it goes.

Using the software

The Microsoft Management Console plugin nfsmgmt.msc is an easy-to-use, GUI-driven administration utility for the Client for NFS software.  Just type it into the Start menu and you should see the simple, two-node administrative structure appear.  From here, right-click on either node and you’ll see most, if not all, of the available administrative options for the Client software.

Beyond that, you can use the mount command from the command line, as described here, or you can mount shares directly in Windows Explorer as you usually would.

For my purposes, the simple solution of forcing the use of a single UID/GID combination through the Anonymous registry entries above suffices nicely.  Just be aware that anyone who can log into your Windows 8.1 device and get on your private network while using this configuration can access your NFS data as you can!



Comments