Dell EMC PowerStore

Configuring SMB
3.x

July 2022
Rev. A02
Notes, cautions, and warnings

NOTE: A NOTE indicates important information that helps you make better use of your product.

CAUTION: A CAUTION indicates either potential damage to hardware or loss of data and tells you how to avoid
the problem.

WARNING: A WARNING indicates a potential for property damage, personal injury, or death.

© 2020 - 2022 Dell Inc. or its subsidiaries. All rights reserved. Dell Technologies, Dell, and other trademarks are trademarks of Dell Inc. or its
subsidiaries. Other trademarks may be trademarks of their respective owners.
Contents

Additional Resources.....................................................................................................................5

Chapter 1: Overview...................................................................................................................... 6
SMB support.........................................................................................................................................................................6
Planning considerations..................................................................................................................................................... 6

Chapter 2: Create NAS servers......................................................................................................8

Overview of configuring NAS servers............................................................................................................................ 8
Create NAS server for SMB (Windows-only) file systems ...................................................................................... 8
Change NAS server settings.............................................................................................................................................9

Chapter 3: Additional NAS Server Features.................................................................................. 11

Configure FTP or SFTP sharing protocol......................................................................................................................11
Configure NAS server networks..................................................................................................................................... 11
Configure file interfaces for a NAS Server............................................................................................................ 12
Configure routes for the file interface for external connections..................................................................... 12
Enable NDMP backup....................................................................................................................................................... 13
Configure NAS server Security.......................................................................................................................................13
Configure Kerberos security for the NAS server................................................................................................. 13
Understanding Common AntiVirus Agent (CAVA)............................................................................................... 14

Chapter 4: Create file systems and SMB shares........................................................................... 15

Create a file system...........................................................................................................................................................15
File system advanced settings for SMB................................................................................................................. 16
Create an SMB share........................................................................................................................................................ 17
Advanced SMB share properties..............................................................................................................................18

Chapter 5: More file system features...........................................................................................19

File-level retention............................................................................................................................................................. 19
Configure DHSM server............................................................................................................................................. 19
Configure file-level retention....................................................................................................................................20
Modify file-level retention......................................................................................................................................... 20
File system quotas............................................................................................................................................................ 20
Enable User Quotas..................................................................................................................................................... 21
Add a user quota onto a file system....................................................................................................................... 22
Add a quota tree onto a file system........................................................................................................................22
Add a user quota onto a quota tree........................................................................................................................ 22

Chapter 6: NAS Server replication............................................................................................... 23

Overview............................................................................................................................................................................. 23

Chapter 7: Using CEPA with PowerStore..................................................................................... 24

Events publishing...............................................................................................................................................................24
Create a publishing pool.................................................................................................................................................. 24

Contents 3
Create an event publisher............................................................................................................................................... 25
Enabling an event publisher for a NAS server............................................................................................................25
Enable event publisher for a file system......................................................................................................................26

4 Contents
Preface

NOTE: PowerStore OS 3.0.0 only supports PowerStore T model clusters.

As part of an improvement effort, revisions of the software and hardware are periodically released. Some functions that are
described in this document are not supported by all versions of the software or hardware currently in use. The product release
notes provide the most up-to-date information about product features. Contact your service provider if a product does not
function properly or does not function as described in this document.

Where to get help

Support, product, and licensing information can be obtained as follows:
● Product information
For product and feature documentation or release notes, go to the PowerStore Documentation page at https://
www.dell.com/powerstoredocs.
● Troubleshooting
For information about products, software updates, licensing, and service, go to https://www.dell.com/support and locate
the appropriate product support page.
● Technical support
For technical support and service requests, go to https://www.dell.com/support and locate the Service Requests page.
To open a service request, you must have a valid support agreement. Contact your Sales Representative for details about
obtaining a valid support agreement or to answer any questions about your account.

Additional Resources 5
1
Overview
This chapter contains the following information:
Topics:
• SMB support
• Planning considerations

SMB support
PowerStore T model supports SMB 1 through SMB 3.1.1. When SMB support is enabled on the NAS server, you can create
SMB-enabled file systems. The NAS server with SMB support can either be stand-alone or Active Directory domain-joined.
Domain-joined NAS servers are placed in the OU=Computers, OU=EMC NAS Servers organizational unit by default.
SMB file systems and shares have the following advanced protocol options:

NOTE: These options, except for Oplocks Enabled, are disabled by default.

Table 1. SMB advanced protocol options

Protocol option Level
Sync Writes Enabled File system
Oplocks Enabled File system
Notify on Write Enabled File system
Notify on Access Enabled File system
Continuous Availability Share
Protocol Encryption Share
Access-Based Enumeration Share
Branch Cache Enabled Share
Offline Availability Share

Planning considerations
Review the following information before configuring NAS servers and file systems:
File storage support is only available with PowerStore T model appliances. File storage is not supported with PowerStore X
model appliances.

NAS server networks

Configure the following before configuring NAS servers with SMB protocol:
1. Configure one or more DNS servers.
2. If you are joining the NAS server to the Active Directory (AD), configure at least one NTP server on the storage system to
synchronize the date and time. It is recommended that you set up a minimum of two NTP servers per domain to avoid a
single point of failure.
NOTE: During AD creation, NTP is configured.

6 Overview
3. Create a domain account in Active Directory.
Creating network VLANs and IP addresses is optional for NAS servers. If you plan to create a VLAN for NAS servers, the VLAN
cannot be shared with the PowerStore T model management, or storage networks. Also, be sure to work with your network
administrator to reserve the network resources and configure the network on the switch. See the PowerStore Networking
Guide for PowerStore T Models for details.

Deployment requirements
NAS services are only available on PowerStore T model appliances. If you are running PowerStore X model appliances, this
service is not available.
You must have chosen Unified during initial configuration of your PowerStore T model appliance. If you chose Block
Optimized while running the Initial Configuration Wizard, NAS services were not installed. To install NAS services, you will
need to have your system reinitialized by a customer support representative. Reinitializing the system:
● Sets the appliance back to the factory state.
● Removes all configuration that was done on the system through the Initial Configuration Wizard.
● Removes any configuration that is performed in PowerStore after initial configuration.

Other considerations
Both nodes on the appliance must be up and running to create a NAS server. If one of the nodes is down on the appliance, NAS
server creation will fail.

Creating SMB shares

Complete the following before you can create SMB shares in PowerStore:
1. Create NAS servers with SMB protocol
2. Create a file system for SMB shares

Documentation resources
Refer to the following for additional information:

Table 2. Documentation resources

Document Description Location
PowerStore Networking Provides network planning and configuration https://www.dell.com/
Guide for PowerStore T information. powerstoredocs
Models
PowerStore Configuring Provides information necessary to configure NFS
NFS Guide Exports with PowerStore Manager.
Dell EMC PowerStore File Discusses the features, functionality, and protocols
Capabilities White Paper supported by Dell EMC PowerStore file architecture.
PowerStore Online Help Provides context-sensitive information for the page Embedded in PowerStore Manager
opened in PowerStore Manager.

Overview 7
2
Create NAS servers
This chapter contains the following information:
Topics:
• Overview of configuring NAS servers
• Create NAS server for SMB (Windows-only) file systems
• Change NAS server settings

Overview of configuring NAS servers

Before you can provision file storage on the PowerStore T model appliance, a NAS server must be running on the system. A NAS
server is a file server that supports the SMB protocol, NFS protocol, or both to share data with host clients. It also catalogs,
organizes, and optimizes read and write operations to the associated file systems.
This document describes how to configure a NAS server with SMB protocol, on which file systems with SMB shares can be
created.

Create NAS server for SMB (Windows-only) file

systems
You create a NAS server before creating file systems.

Prerequisites
Obtain the following information:
● Network port, IP Address, Subnet Mask/Prefix Length, Gateway information for the NAS Server.
NOTE: IP Address and Subnet Mask/Prefix Length are mandatory.
● VLAN identifier, if the switch port supports VLAN tagging.
NOTE: You cannot reuse VLANs that are being used for the management and storage networks.
● If you are configuring a stand-alone NAS server, obtain the workgroup and NetBIOS name. Then define what to use for the
stand-alone local administrator of the SMB server account.
● If you are joining the NAS server to the Active Directory (AD), ensure that NTP is configured on your storage system. Then
obtain the SMB computer name (used to access SMB shares), Windows domain name, and the username and password of a
domain administrator or domain user who has a sufficient domain access level to join the AD.

Steps
1. Select Storage > NAS Servers.
2. Select Create.
3. Continue to work through the Create NAS Server wizard.

Wizard Screen Description

Details Enter a NAS server name, description, and network details.
Sharing Protocol Select Sharing Protocol
Select SMB.

8 Create NAS servers

Wizard Screen Description

NOTE: If you select both SMB and NFS protocols, you automatically enable the NAS server to
support multiprotocol. Multiprotocol configuration is not described in this document.
Windows Server Settings
Select Standalone to create a stand-alone SMB server or Join to the Active Directory Domain to
create a domain member SMB server.
If you join the NAS server to the AD, optionally Select Advanced to change the default NetBios name
and organizational unit.
DNS
If you selected to Join to the Active Directory Domain, it is mandatory to add a DNS server.
Optionally, enable DNS if you want to use a DNS server for your stand-alone SMB server.
User Mapping
The User Mapping page displays if you have selected to join the active directory domain.
Keep the default Enable automatic mapping for unmapped Windows accounts/users, to support
joining the active directory domain. Automatic mapping is required when joining the active directory
domain.

Protection Select a protection policy from the list.

Policy
Summary Review the content and Select Previous to go back and make any corrections.
4. Select Create NAS Server.
The Status window opens, and you are redirected to the NAS Servers page once the server is created.

Next steps
Once you have created the NAS server for SMB, you can continue to configure the server settings, or create file systems.
Select the NAS server to continue to configure, or modify the NAS server settings.

Change NAS server settings

Once you have created a NAS server, you can make configuration changes to the server.

About this task

NOTE: When there is a remote system connection, it may take up to 15 minutes for NAS server configuration changes to
be reflected on the remote NAS server.

Steps
1. Select Storage > NAS Servers > [nas server].
2. On the Network page, optionally configure the network interfaces or the routes to external networks as described in
Configure NAS server networks.
3. On the Naming Services page, optionally add, modify, or delete NAS server DNS servers.
NOTE: You cannot disable DNS for NAS servers that support SMB file sharing and that are joined to an Active Directory
(AD).

4. On the Sharing Protocols page:

● Select the SMB Server card to enable or disable support for Windows shares, or to change the type of lookup the SMB
server will use.
NOTE: If you change the Windows Server Type from Standalone to Join to the Active Directory Domain,
then you must go to the User Mapping tab and select Enable automatic mapping for unmapped Windows
accounts/users.

Create NAS servers 9

● Select the FTP card to enable or disable FTP or SFTP, change FTP or SFTP properties, configure user authentication, a
user home directory, and authentication message settings.
For details see Configure FTP sharing protocol.
● Select User Mapping to enable the server to use automatic mapping for unmapped Windows account/users, or the
default account for unmapped Windows account users.
5. On the Protection & Events page, enable or disable NDMP.
For details see Enable NDMP Protection and Events.
6. On the Security tab:
● Select Kerberos to add the active directory (AD) realm for Kerberos authentication or to configure a custom Kerberos
realm.
● Select Antivirus to enable or disable the anti-virus service and to retrieve or upload the anti-virus configuration file.
For details see Configure NAS Server Security

10 Create NAS servers

3
Additional NAS Server Features
This chapter contains the following information:
Topics:
• Configure FTP or SFTP sharing protocol
• Configure NAS server networks
• Enable NDMP backup
• Configure NAS server Security

Configure FTP or SFTP sharing protocol

You can configure FTP or FTP over SSH (SFTP) after the NAS server has been created.

Prerequisites
Passive mode FTP is not supported.

About this task

FTP access can be authenticated using the same methods as SMB. Once authentication is complete, access is the same as
SMB for security and permission purposes. If the format is domain@user or domain\user, SMB authentication is used. SMB
authentication uses the Windows Domain Controller.

Steps
1. Select Storage > NAS Servers > [nas server] > Sharing Protocols > FTP tab.
2. Under FTP, if Disabled in on, slide the button to Enable.
3. Optionally also enable SSH FTP. Under SFTP, if Disabled in on, slide the button to Enable.
4. Select which type of authenticated users have access to the files.
5. Optionally, show the Home Directory and Audit options.
● Select or clear the Home directory restrictions. If disabled, enter the Default home directory.
● Select or clear Enable FTP/SFTP Auditing. If checked, enter the directory location of where to save the audit files, and
the maximum size allowed for the audit file.
6. Optionally, Show Messages, and enter a default welcome message, and message of the day.
7. Optionally, show the Access Control List, and add a list of users, groups, and hosts that are allowed, or denied FTP access.
8. Select Apply.

Configure NAS server networks

You can modify or configure NAS server networks.
Configure the following for NAS server networks:
● The file interfaces
● Routes to external services such as hosts.

Additional NAS Server Features 11

Configure file interfaces for a NAS Server
You can configure the file interfaces for a NAS server after the server has been added to PowerStore.

About this task

You can add more file interfaces, and define which is the preferred interface to use. Also, you can define which interface to use
for production and backup, or for IPv4, or IPv6.

Steps
1. Select Storage > NAS Servers > [nas server].
2. On the Network page, click Add to add another file interface to the NAS server.
3. Enter the File Interface properties.
NOTE: You cannot reuse VLANs that are being used for the management and storage networks.

4. You can perform the following on a File Interface by selecting a file interface from the list. Click:

Option Description
Modify To change the properties of the file interface properties.
Delete To delete the file interface from the NAS server.
Ping To test the connectivity from the NAS server to the external IP address.
Preferred To define which interface PowerStore should default to using when multiple production and backup
Interface interfaces have been defined.

Configure routes for the file interface for external connections

You can configure the routes that the file system uses for external connections.

Prerequisites
You can use the Ping option from the File Interface card to determine if the file interface has access to the external resource.

About this task

Usually, the NAS server interfaces are configured with a default gateway, which is used to route requests from the NAS server
interface to external services.
Use the following steps:
● If you need to configure more granular routes to external services.
● To add a route to access a server from a specific interface through a specific gateway.

Steps
1. Select Storage > NAS Servers > [nas server] > Network > Routes to External Services.
2. Click Add to enter the route information in the Add Route wizard.

12 Additional NAS Server Features

Enable NDMP backup
You can configure standard backup for the NAS servers using NDMP. The Network Data Management Protocol (NDMP)
provides a standard for backing up file servers on a network. Once NDMP is enabled, a third-party Data Management
Application (DMA), such as Dell EMC Networker, can detect the PowerStore NDMP using the NAS server IP address.

About this task

Enabling NDMP is performed after the NAS server is created.
PowerStore supports:
● Three-way NDMP. The data is transferred through the DMA over a local area network (LAN) or Wide Area Network (WAN).
● Full and incremental backups.

Steps
1. Select Storage > NAS Servers > [nas server] > Protection .
2. Under NDMP Backup, if Disabled is on, slide the button to change to Enabled.
3. Enter a password for the New Password.
The user name is always ndmp.
4. Re-enter the same password as the new password in Verify Password.
5. Click Apply.

Next steps
Leave the NDMP page, and return back to the NDMP page to validate that NDMP is enabled.

Configure NAS server Security

You can configure the NAS server with Kerberos or Antivirus security.
Configuring NAS server security includes the following options:
● Kerberos
● Antivirus

Configure Kerberos security for the NAS server

You can configure the NAS server with Kerberos security.

About this task

Be sure to add the SMB server to the AD domain before configuring Kerberos.
If you are configuring the NAS server for SMB-only, you do not need a Keytab file. Keytab file is only required for Secure NFS
configuration.

Steps
1. Select Storage > NAS Servers > [nas server] > Security > Kerberos.
2. If Disabled is on, slide the button to change to Enabled.
3. Enter the name of the Realm.
4. Enter the Kerberos IP Address and click Add.
5. Enter the TCP Port to use for Kerberos. 88 is the default port.
6. Click Apply.

Additional NAS Server Features 13

Understanding Common AntiVirus Agent (CAVA)
Common AntiVirus Agent (CAVA) provides an antivirus solution to clients using a NAS server. It uses an industry-standard SMB
protocol in a Microsoft Windows Server environment. CAVA uses third-party antivirus software to identify and eliminate known
viruses before they infect files on the storage system.
Antivirus software is important because the storage system is resistant to the invasion of viruses because of its architecture.
The NAS server runs data access in real-time using an embedded operating system. Third parties are unable to run programs
containing viruses on this operating system. Although the operating system software is resistant to viruses, Windows clients
that access the storage system require virus protection. Virus protection on clients reduces the chance that they will store an
infected file on the server, and protects them if they open an infected file. This antivirus solution consists of a combination of
the operating system software, CAVA agent, and a third-party antivirus engine. The CAVA software and a third-party antivirus
engine must be installed on a Windows Server in the domain.
For the CEE CAVA versions required by PowerStore see the PowerStore Release Notes. For additional information about
CAVA, which is part of Common Event Enabler (CEE), see Using the Common Event Enabler on Windows Platforms on https://
www.dell.com/support.

Enable Common AntiVirus Agent (CAVA)

You enable CAVA, and upload the CAVA configuration file when you want to add anti-virus protection to your SMB shares.

Steps
1. From PowerStore Manager go to the Storage > NAS Servers > [nas server] > Security > Antivirus tab.
2. If Disabled is on, slide the button to change to Enabled.
3. If you do not have a current CAVA configuration file available:
a. Click Retrieve Current Configuration.
b. Complete the CAVA configuration file template.
c. Upload the updated CAVA configuration file.
4. Click Enabled and Apply to enable Antivirus scanning.

14 Additional NAS Server Features

4
Create file systems and SMB shares
This chapter contains the following information:
Topics:
• Create a file system
• Create an SMB share

Create a file system

A file system must be created on the NAS server before you can create an SMB share.

Prerequisites
Ensure that there is a NAS server that is configured to support the SMB protocol as described in Configuring NAS servers.

Steps
1. Select Storage > File Systems and click Create.
2. Continue to work through the Create File System wizard.

Option Description
Select Type Select General file system type
Select NAS Select a NAS server enabled for SMB.
Server
Advanced SMB Optionally choose from the following:
Settings ● Sync Writes Enabled
● Oplocks Enabled
● Notify on Write Enabled
● Notify on Access Enabled
● Enable SMB Events Publishing
For details see File system advanced settings for SMB shares.

File System Provide the file system name, and the size of the file system.
Details
The file system size can be from 3 GB to 256 TB.
NOTE: All thin file systems, regardless of size, have 1.5 GB reserved for metadata upon creation.
For example, after creating a 100GB thin file system, PowerStore T model immediately shows 1.5 GB
used. When the file system is mounted to a host, it shows 98.5 GB of usable capacity.

This is because the metadata space is reserved from the usable file system capacity.

File-Level Optionally, select file-retention type:

Retention ● Enterprise (FLR-E) - Protects content from changes that are made by users through CIFS and FTP.
An administrator can delete an FLR-E file system that contains protected files.
● Compliance (FLR-C) - Protects content from changes that are made by users and administrators and
complies with SEC rule 17a-4(f) requirements. FLR-C file system can be deleted only when it does
not contain any protected files.
NOTE: FLR state and file-retention type are set at file system creation and cannot be modified.

Set the retention periods:

Create file systems and SMB shares 15

Option Description
● Minimum - Specifies the shortest period for which files can be locked (default value is 1 day).
● Default - Used when a file is locked and no retention period is specified.
● Maximum - Specifies the longest period for which files can be locked.
SMB Share Optionally, configure the initial SMB Share. You can add shares to the file system after the initial file
system configuration.
For details about the SMB Share options, see: Create an SMB share.

Protection Optionally, provide a protection policy for the file system. PowerStore supports both snapshots and
Policy replication for file storage protection.
Summary Review the summary. Go back to make necessary updates.
3. Click Create File System.
The file system is displayed in the File System list, and if you created an SMB Share, it is displayed in the SMB Share list.

File system advanced settings for SMB

You can add advanced settings to SMB-enabled file systems while creating a file system.

Table 3. File system advanced settings for SMB

Setting Description
Sync Writes Enabled When you enable the synchronous writes option for a Windows (SMB) or multiprotocol
file system, the storage system performs immediate synchronous writes for storage
operations, regardless of how the SMB protocol performs write operations. Enabling
synchronous writes operations enables you to store and access database files (for
example, MySQL) on storage system SMB shares. This option guarantees that any
write to the share is done synchronously and reduces the chances of data loss or file
corruption in various failure scenarios, for example, loss of power.
This option is disabled by default.
NOTE: The synchronous writes option can have a significant impact on
performance. It is not recommended unless you intend to use Windows file systems
to provide storage for database applications.

Oplocks Enabled (Enabled by default) Opportunistic file locks (oplocks, also known as Level 1 opslock)
enable SMB clients to buffer file data locally before sending it to a server. SMB
clients can then work with files locally and periodically communicate changes to the
storage system rather than having to communicate every operation over the network
to the storage system. This feature is enabled by default for Windows (SMB) and
multiprotocol file systems. Unless your application handles critical data or has specific
requirements that make this mode or operation unfeasible, leaving the oplocks enabled
is recommended.
The following oplocks implementations are supported:
● Level II oplocks, which informs a client that multiple clients are accessing a file, but
no client has yet modified it. A level II oplock lets the client perform read operations
and file attribute fetches by using cached or read-ahead local information. All other
file access requests must be sent to the server.
● Exclusive oplocks, which informs a client that it is the only client opening the file.
An exclusive oplock lets a client perform all file operations by using cached or
read-ahead information until it closes the file, at which time the server must be
updated with any changes that are made to the state of the file (contents and
attributes).
● Batch oplocks, which informs a client that it is the only client opening the file. A
batch oplock lets a client perform all file operations by using cached or read-ahead
information (including opens and closes). The server can keep a file opened for
a client even though the local process on the client machine has closed the file.
This mechanism curtails the amount of network traffic by letting clients skip the
extraneous close and open requests.

16 Create file systems and SMB shares

Table 3. File system advanced settings for SMB (continued)
Setting Description
Notify on Write Enabled Enable notification when a file system is written to.
This option is disabled by default.

Notify on Access Enabled Enable notification when a file system is accessed.

This option is disabled by default.

Enable SMB Events publishing Enable the processing of SMB events for this file system.

Create an SMB share

You can create an SMB share on a file system that has been created with an SMB-enabled NAS server.

Steps
1. Select Storage > File System > SMB Share.
2. Click Create and continue to work through the Create SMB Share wizard.

Option Description
Select File Select a file system that has been enabled for SMB.
System
Select a snapshot Optionally, select one of the file system snapshots on which to create the share.
of the file system
Only snapshots are supported for file system protection policies. Replication is not supported for file
systems.

SMB Share Enter a name, and local path for the share. When entering the local path:
Details ● You can create multiple shares with the same local path on a single SMB file system. In these cases,
you can specify different host-side access controls for different users, but the shares within the file
system have access to common content.
● A directory must exist before you can create shares on it. If you want the SMB shares within the
same file system to access different content, you must first create a directory on the Windows host
that is mapped to the file system. Then, you can create corresponding shares using PowerStore.
You can also create and manage SMB shares from the Microsoft Management Console.
PowerStore also created the SMB Share path, which uses the host to connect to the share.
The export path is the IP address of the file system, and the name of the share. Hosts use either the
file name or the share path to mount or map to the share from a network host.

Advanced SMB Enable one or more of the Advanced SMB Settings.

Properties ● Continuous Availability
● Protocol Encryption
● Access-based Enumeration
● Branch Cache Enabled
Decide which objects are available when the share is offline.
For details see Advanced SMB properties.

Next steps
Once you create a share, you can modify the share from PowerStore or using the Microsoft Management Console.
To modify the share from PowerStore, select the share from the list on the SMB Share page, and click Modify.

Create file systems and SMB shares 17

Advanced SMB share properties
You can configure the following advanced SMB share properties when you create an SMB share or change its properties:

Table 4. Advanced SMB Properties

Option Description
Continuous Availability Gives host applications transparent, continuous access to a share following a failover of
the NAS server on the system (with the NAS server internal state saved or restored
during the failover process).
NOTE: Enable continuous availability for a share only when you want to use
Microsoft Server Message Block (SMB) 3.0 protocol clients with the specific share.

Protocol Encryption Enables SMB encryption of the network traffic through the share. SMB encryption is
supported by SMB 3.0 clients and above. By default, access is denied if an SMB 2 client
attempts to access a share with protocol encryption enabled.
You can control this by configuring the RejectUnencryptedAccess registry key on the
NAS Server. 1 (default) rejects non-encrypted access and 0 allows clients that do not
support encryption to access the file system without encryption.

Access-Based Enumeration Filters the list of available files and directories on the share to include only those to
which the requesting user has read access.
NOTE: Administrators can always list all files.

Branch Cache Enabled Copies content from the share and caches it at branch offices. This allows client
computers at branch offices to access the content locally rather than over the WAN.
BranchCache is managed from Microsoft hosts.

Offline Availability Configures the client-side caching of offline files:

● Manual: Files are cached and available offline only when caching is explicitly
requested.
● Programs and files opened by users: All files that clients open from the share are
automatically cached and available offline. Clients open these files from the share
when they are connected to it. This option is recommended for files with shared
work.
● Programs and files opened by users, optimize for performance: All files that
clients open from the share are automatically cached and available offline. Clients
open these files from the share's local cache, if possible, even when they are
connected to the network. This option is recommended for executable programs.
● None: Client-side caching of offline files is not configured.

18 Create file systems and SMB shares

5
More file system features
This chapter contains the following information:
Topics:
• File-level retention
• File system quotas

File-level retention
File-level retention (FLR) enables you to prevent modifications or deletion of locked for a specified retention period. Protecting
a file system using FLR enables you to create a permanent, and unalterable set of files and directories. FLR ensures data
integrity and accessibility, simplifies archiving procedures for administrators and improves storage management flexibility.
There are two levels of file-level retention:
● Enterprise (FLR-E) - Protects data from changes that are made by users and storage administrators using SMB, NFS, and
FTP. An administrator can delete an FLR-E file system which includes locked files.
● Compliance (FLR-C) - Protects data from changes that are made by users and storage administrators using SMB, NFS,
and FTP. An administrator cannot delete an FLR-C file system which includes locked files. FLR-C complies with SEC rule
17a-4(f).
The following restrictions apply:
● File-level retention is available on unified PowerStore system 3.0 or later.
● FLR is not supported in VMware file systems.
● Enabling a file-level retention for a file system and the level of FLR are set at file system creation time and cannot be
modified.
● FLR-C does not support restoring from a snapshot.
● When refreshing using a snapshot, both file systems must be of the same FLR level.
● When replicating a file system, source and destination file systems must be of the same FLR level.
● A cloned file system has the same FLR level as the source (cannot be modified).
The FLR mode is displayed in the File Systems screen.

Configure DHSM server

Prerequisites
File-level retention requires DHSM server credentials.
DHSM server is also required for Window hosts that want to use FLR and are required to install FLR toolkit that enables
managing FLR-enabled file systems.

Steps
1. Select Storage > NAS Servers > [NAS server] > Protection > DHSM.
2. If disabled, slide the button to Enabled.
3. Enter the user name and password for the DHSM server and verify the password.
4. Select Apply.

More file system features 19

Configure file-level retention
File-level retention is configured at file system creation. For details, see Create a file system.

NOTE: Retention period parameters can be modified at a later time.

Modify file-level retention

About this task

Retention period parameters can be set at file system creation or later and can be modified. Modifying retention period
parameter does not affect files that are already locked.

Steps
1. Select Storage > File Systems > [file system] > Security & Events > File-Level Retention.
2. Set the retention period parameters:
● Minimum retention period - Specifies the shortest period for which an FLR-enabled file system can be protected (default
value is one day).
● Default retention period - Used when a file is locked and a retention period is not specified (default value is one year).
● Maximum retention period - Specifies the longest period for which an FLR-enabled file system can be protected (default
value is infinite).
3. Optionally, set the advanced settings:
● Automatic file locking - You can specify whether to automatically lock files in an FLR-enabled file system and set a policy
interval that determines the time period between file modification and automatic lock (policy interval default value is one
hour).
● Automatic file deletion - You can specify whether to automatically delete locked files after their retention period is
expired. The first scan for locating files for deletion is seven days after the feature is enabled.
4. Select Apply.

File system quotas

You can track and limit drive space consumption by configuring quotas for file systems at the file system or directory level. You
can enable or disable quotas at any time, but it is recommended that you enable or disable them during non-peak production
hours to avoid impacting file system operations.
NOTE: You cannot enable quotas for read-only file systems.

NOTE: Quotas are not supported in VMware file systems.

Types of quotas
There are three types of quotas you can put on a file system.

Table 5. Quota types

Type Description
User Quotas Limits the amount of storage that is consumed by an individual user storing data on
the file system.
Tree Quota Tree quotas limit the total amount of storage that is consumed on a specific directory
tree. You can use tree quotas to:
● Set storage limits on a project basis. For example, you can establish tree quotas
for a project directory that has multiple users sharing and creating files in it.

20 More file system features

Table 5. Quota types (continued)
Type Description
● Track directory usage by setting the tree quota hard and soft limits to 0 (zero).
NOTE: If you change the limits for a tree quota, the changes take effect
immediately without disrupting file system operations.

User quota on a quota tree Limits the amount of storage that is consumed by an individual user storing data on
the quota tree.

Quota Limits
Table 6. Hard and Soft Limits
Type Descriptions
Hard A hard limit is an absolute limit on storage usage.
If a hard limit is reached for a user quota on a file system or quota tree, the user cannot write
data to the file system or tree until more space becomes available. If a hard limit is reached
for a quota tree, no user can write data to the tree until more space becomes available.

Soft limit A soft limit is a preferred limit on storage usage.

The user is allowed to use space until a grace period has been reached.
The user is alerted when the soft limit is reached, until the grace period is over. After that, an
out of space condition is reached until the user gets back under the soft limit.

Quota Grace Period

The Quota Grace Period, provides the ability to set a specific grace period to each tree quota on a file system. The grace period
counts down the time between the soft and hard limit, and alerts the user about the time remaining before the hard limit is met.
If the grace period expires you can not write to the file system until more space has been added, even if the hard limit has not
been met.
You can set an expiration date for the Grace Period. The default is 7 days, alternatively you can set the Grace Period expiration
date to an infinite amount of time and the Grace Period will never expire, or for specified number of days, hours or minutes.
Once the Grace Period expiration date is met, the Grace Period will no longer apply to the File System directory.

Additional information
For more information on quotas, see the Dell EMC PowerStore File Capabilities White Paper.

Enable User Quotas

You must enable Quotas and set the User Quota defaults before you can add a User Quota to a files system.

Steps
1. Select Storage > File Systems > [file system] > Quotas.
2. Select Storage > File Systems > [file system] > Quotas > Properties.
3. Slide the Disabled button to the right until it is Enabled.
4. Enter the default Grace Period for the user quota on the file system which will count down time after the soft limit is met
until the hard limit will be met.
5. Enter a default Soft Limit, and a default Hard Limit and click Update.

More file system features 21

Add a user quota onto a file system
Create a user quota on a file system to limit or track the amount of storage space that individual users consume on that file
system. When you create or modify user quotas, you can use default hard and soft limits that are set at the file-system level.

Prerequisites
You must enable Quotas and set the User Quota defaults before you can add a User Quota to a files system. See Enable User
Quotas.

NOTE: You cannot create quotas for read-only file systems.

Steps
1. Select Storage > File Systems > [file system] > Quotas > User.
2. Select Add on the User Quota page.
3. In the Add User Quota wizard, provide the requested information. To track space consumption without setting limits, set
Soft Limit and Hard Limit to 0, which indicates no limit.
4. Select Add.

Add a quota tree onto a file system

About this task
Create a quota tree at the directory level of a file system to limit or track the total storage space that is consumed for that
directory.

Steps
1. Select Storage > File Systems > [file system] > Quotas > Tree Quotas.
2. Select Add.
3. Slide the Enforce User Quota to the right to enabled User Quota defaults on the Tree Quota.
4. Provide the requested information.
● Enter a Grace Period to count down the time between the soft and hard limit. You will begin to receive alerts once the
grace period is reached.
● To track space consumption without setting limits, set the Soft Limit and Hard Limit fields to 0, which indicates no
limit.
5. Select Add.

Add a user quota onto a quota tree

Create a user quota on a quota tree to limit or track the amount of storage space that individual users consume on that tree.
When you create user quotas on a tree, you can to use the default grace period and default hard and soft limits that are set at
the tree-quota level.

Steps
1. Select Storage > File Systems > [file system] > Quotas > Tree Quotas.
2. Select a path, and click Add User Quota.
3. On the Add User Quota screen, provide the requested information. To track space consumption without setting limits, set
the Soft Limit and Hard Limit fields to 0, which indicates no limit.

22 More file system features

6
NAS Server replication
This chapter contains the following information:
Topics:
• Overview

Overview
PowerStore enables you to replicate NAS servers asynchronously between a local system and a remote system. Replication
occurs at a NAS server level - all the file systems within the replicated NAS server are replicated to the remote system. RPO is
configured at the NAS server level and is identical across all associated file systems.
It is not required to define separate protection policies for NAS servers. The same protection policies can be applied to both
block and file replication.
You can fail over a replication session to the remote system. Failover occurs for all the file systems within the failed over NAS
server.
The following pre-requisites are required to enable file replication:
● A file remote system
● A File Moblility network must be configured and mapped (see Networking Guide for PowerStore T models on the
PowerStore Documentation page at https://www.dell.com/powerstoredocs).
● A protection policy that includes a replication rule.
For detailed information about NAS server replication procedures, see Protecting your Data on the PowerStore Documentation
page at https://www.dell.com/powerstoredocs.

NAS Server replication 23

7
Using CEPA with PowerStore
This chapter contains the following information:
Topics:
• Events publishing
• Create a publishing pool
• Create an event publisher
• Enabling an event publisher for a NAS server
• Enable event publisher for a file system

Events publishing
CEE enables third-party applications to receive event information from the storage system upon accessing file systems.
The Common Event Enabler (CEE) provides an event publishing solution for PowerStore clients that allow third-party
applications to register and receive event notification and context from the storage system when accessing file systems.
Receiving event notification enables you to take event-driven actions on the storage to prevent security threats such as
ransomware or unauthorized access.
The CEE Common Events Publishing Agent (CEPA) consists of applications that are designed to process SMB and NFS files
and directory event notifications. The CEPA delivers both event notification and associated context to the application in one
message. Context can consist of file metadata or directory metadata that is needed for business policy decisions.
To enable CEE CEPA support, you must enable CEE CEPA and create an Event Publishing Pool on the NAS server.
An Event Publishing Pool defines the CEPA servers and the specific events that trigger notifications.
After configuring the NAS server, you can enable events publishing on the file system from which you want to receive events.
When a host generates an event on the file system over SMB or NFS, the information is forwarded to the CEPA server over
an HTTP connection. The CEE CEPA software on the server receives the event and publishes it, thus enabling the third-party
software to process it.
To use the Events Publishing Agent, it is required to have a PowerStore system with at least one NAS server configured on the
network.
For additional information about CEPA which is part of the Common Event Enabler (CEE), see Using the Common Event Enabler
on Windows Platforms on https://www.dell.com/support.

Create a publishing pool

Prerequisites
To create an event publishing pool, you must have an Events Publishing (CEPA) server FQDN.

About this task

An Event Publishing Pool defines the CEPA server and the specific events that trigger notifications. Define at least one of the
following event options:
● Pre Events - Events that are sent to the CEPA server for approval before processing.
● Post Events - Events that are sent to the CEPA server after they occur for logging or auditing purposes.
● Post Error Events - Error events that are sent to the CEPA server after they occur for logging or auditing purposes.

Steps
1. Select Storage > NAS Servers.

24 Using CEPA with PowerStore

2. Select NAS Settings.
3. In the Event Publishing window, select Publishing Pools and then select Create.
4. Enter a Pool Name.
5. Enter the CEPA server FQDN.
6. In the Event Configuration section, click the event types and select the events that you want to add to the pool.
7. Click Apply to create the Events Publishing Pool.

Create an event publisher

About this task

After configuring publishing pools, create an event publisher to set the response to the different event types.
NOTE: Event publishers are created at the system level and one event publisher can be associated with multiple NAS
servers.

Steps
1. Select Storage > NAS Servers.
2. Select NAS Settings.
3. Select Event Publishers and then select Create.
4. Continue to work through the Create Event Publisher wizard.

Wizard Screen Description

Select Publishing ● Enter a name.
Pools ● Select up to 3 Publishing Pools. To create a new Publishing Pool, click Create.
Configure Event ● Pre-Events Failure Policy - Select the wanted behavior when all CEPA servers are offline for pre-
Publisher events:
○ Ignore (default) - Assume that all events are acknowledged.
○ Deny - Deny events that require approval until CEPA servers are online.
● Post-Events Failure Policy - Select the wanted behavior when all CEPA servers are offline for
post-events:
○ Ignore (default) - Continue operating. Events that occurred while the CEPA servers are down,
will be lost.
○ Accumulate - Continue operating and save events to a local buffer (up to 500 MB).
○ Guarantee - Continue operating and save events to a local buffer (up to 500 MB). Deny access
when buffer is full.
○ Deny - Deny access to file systems when the CEPA servers are offline.
● HTTP/Microsoft RPC
● HTTP Port
5. Select Apply to create the Event Publisher.

Enabling an event publisher for a NAS server

About this task

After configuring the event publisher, enable it for the NAS server and all the file systems that are defined on it.

Steps
1. Select Storage > NAS Servers > [nas server].
2. On the Security & Events page, select Events Publishing.
3. Select an Event Publisher from the list and enable it.
4. Select whether to enable the event publisher for all the file systems that are defined on the NAS server.

Using CEPA with PowerStore 25

Alternatively, you can select to enable the event publisher for specific file systems. For details, see Enable event publisher
for file system.
5. Click Apply.

Enable event publisher for a file system

About this task

You can enable the event publisher for selected file systems.

Steps
1. Select Storage > File Systems > [file system].
2. On the Protection page, select Events Publishing.
3. Enable the event publisher for the file system and select the protocol.
4. Click Apply.

26 Using CEPA with PowerStore