Prior to creating the user policy, you must determine if the policy should pertain to the members of the domain, organizational unit, or a group.
Launch NSMAdmin.
In the
menu, click .In the
menu, selectThe following screen appears:
Specify a descriptive name in the
field and leave the and options selected.The Policy Options page appears.
Continue with Section 5.5.1, Setting Policy Options.
Settings within Policy Options let you indicate how to apply the policy, set policy inheritance and policy weight, and write an expanded policy description.
In the Policy options region, fill in the following fields:
Process Events for Associated Managed Storage: Select this check box to apply the settings in this policy to all users within the domain or organizational unit where this policy is assigned. Deselect this check box to create a blocking policy that can be applied to a specific user or group. For more information on blocking policies, see Section 4.6, Creating a Blocking Policy.
Automatically Attempt to Bypass Events in Bypassable State: Select this check box to allow Novell Storage Manager to automatically attempt to address any pending events that can bypass administrative action.
Be careful when considering applying this setting to a policy. Doing so has the potential to make incorrect associations and, thus, grant a user access to a folder that he or she shouldn’t have. For example, suppose Tom Smith and Tammy Smith are in the same container and managed by the same policy, and that there is a home folder already created named TSMITH. Novell Storage Manager might consider this a bypassable event and, if this check box is selected, might associate the home folder to Tammy Smith, when it should belong to Tom Smith.
In the Policy Inheritance region, fill in the following fields:
Policy applies to subcontainers: Select this check box to have the settings in this policy inherited for all organizational units that reside within the domain or organizational unit where this policy is assigned.
Policy applies to nested group members: Select this check box to have the settings inherited by any nested groups you associate a policy to.
Policy Weight: When a user is a member of multiple groups and each group has a separate policy, Novell Storage Manager uses this setting to determine which policy to apply. Novell Storage Manager applies the policy with the largest numerical weight.
In the text field in the Description region, specify a description of the policy you are creating.
Click
to save your settings.Proceed with Section 5.5.2, Setting Associations.
The Associations page is where you assign the policy you are creating to a domain, organizational unit, Group object, or—if you are creating a blocking policy—a User object.
In the left pane, click
.Click the + button to bring up the Object Browser.
If you plan to assign the policy to a User object, select the
check box in the Filter region of the Object Browser.Browse through the directory structure and select the domain, organizational unit, Group object, or User object you want to associate the policy to.
The Domain Users group cannot be a target for a policy association.
Drag the object to the Selected Items pane, then click
.The Object Browser is closed and the path is displayed in fully qualified name format in the right pane of the window. For example, CN=Tellers,OU=Las Vegas,DC=NVB,DC=local.
Click
to close the Object Browser.Click
to save your settings.Proceed with Section 5.5.3, Provisioning Options.
The Provisioning Options page is where you indicate home folder rights, the network drive letter for the home folder, the location of a template for provisioning folder structure and content in a home folder when it is created, and more.
In the left pane, click
.The following page appears:
In the Folder Properties region, specify the following settings:
Default Rights: By default, Novell Storage Manager grants the user all file rights to the home folder except for Full Control. Granting Full Control is not recommended because it provides administrator rights to the home folder, and enables the user to rename and delete the folder.
Policy Defined Default Attributes: Select this check box to enable the
, , and check boxes, which provide the user the ability to set these attributes for the home folder. For example, if you wanted home folders to be hidden from view, you could enable the Hidden attribute by selecting the check box.By default, Novell Storage Manager assigns the user for whom a home folder is created as the home folder owner. Because this essentially provides the owner administrative rights to the home folder, you might want to provide ownership to the network administrator instead. To override the ownership and indicate a new owner, click the
check box, then browse to and select the User object you want to establish as the owner.The home folder user still has all rights—with the exception of administrative rights—to the home folder.
(Optional) To have subfolders and documents provisioned in the home folder when it is created, use an existing file path as a template.
For example, if you wanted each home folder to have an HR subfolder with some HR documents inside, click
to locate and select the HR folder in the file system.Everything beneath the selected folder is copied into the user’s home folder.
In the Home Folder Options region, indicate the network drive letter that users associated with this policy will use to access their home folders.
Click
to save your settings.Proceed with Section 5.5.4, Setting Target Paths.
The Target Paths page is where you set the paths to the shares where user home folders will be hosted.
In the left pane, click
.In the Target Placement region, fill in the following fields:
Distribution: If you create more than one target path for a policy, you can indicate any of the following options:
Distributes storage in an ordered sequence. For example, if you have two target paths listed on this page, User A’s home folder is created using the first path, User B’s home folder is created using the second path, and User C’s home folder is created using the first path.
Distributes the creation of user home folders according to shares with the largest amount of absolute free space. For example, if you have two target paths listed, target path 1 has 15 GB of free space, and target path 2 has 10 GB, the home folders are created using target path 1.
Distributes the creation of user home folders to volumes with the largest percentage of free space. For example, if you have two target paths listed, target path 1 is to a 10 TB share that has 30 percent free space and target path 2 is to a 500 GB share with 40 percent free space, the home folders are created using target path 2, even though target path 1 has more absolute available disk space. You should be cautious when using this option with target paths to shares of different sizes.
Leveling Algorithm: Use this option to structure the home folders so that they are categorized by the first or last letter of a username through a subordinate folder. For example, if you choose \\SERVER1\HOME\S\BSMITH.
, and the field is set to 1, a user named BSMITH has a home folder located in a path such asThe \\SERVER\HOME\2013\BMITH2013.
field allows you to enter up to 4 characters. This allows you to organize home folders by year. For example, if your Leveling Algorithm setting is , and the setting is 4, a user named BMITH2013 has a home folder located in a path such asMaximum Unreachable Paths: If you have a substantial number of target paths listed on this page, this field lets you indicate the number of target paths Novell Storage Manager accesses to attempt to create a home folder before it suspends the attempt.
For each target path that you want to establish, click the + button to access the Path Browser.
Browse to the location of the target path you want and click the + button to add the target path to the Selected Paths pane.
Click
to save your settings.Proceed to Section 5.5.5, Setting Quota Options.
This page lets you establish user storage quotas. Until quota management is established, users have unlimited storage disk space for their home folders.
NOTE:Novell Storage Manager can manage quota on NAS devices only if the NAS device implements the Windows 2008 File Server Resource Manager DCOM interface for quota management.
This page is also where you establish quota management settings for quota managers. A quota manager is a specified user—for example, a help desk administrator or technical support rep—who is granted the ability to increase a user’s quota, without having rights to the file system. Quota management actions are performed through Quota Manager, which is a separate Web browser-based management interface. For more information on Quota Manager, see Section 8.0, Using Quota Manager.
In the left pane, click
.The following page appears:
Select the
check box to enable an initial storage quota for users to whom this policy will apply.Leaving this check box deselected gives users unlimited user home folder storage.
In the
field, specify the initial storage quota for the user home folders.Set up quota managers and enable the Quota Manager Web interface for this policy by filling in the following fields:
Enable Quota Manager / Quota Preservation for this Policy: Select this check box to enable the Quota Management region of the page and to enable quota preservation.
Quota preservation preserves the home folder quota settings for users that are moved. For example, if a user is moved from the Sales organizational unit to the Marketing organizational unit, if the user’s quota allocation for the policy that applies to Sales were higher than the quota allocation for the policy that applies to Marketing, the quota allocations from the policy associated with the Sales policy are preserved for the user.
Quota Maximum: Indicate whether the user home folders associated with this policy will have a maximum quota setting. If so, indicate the maximum quota.
Quota Increment: Indicate whether quota managers will set the quota manually or in set increments. If you use manual increments, the quota manager can increase the quota in any increment until it meets the maximum quota setting. If you establish set increments, the quota manager can only increase the quota by the increment setting.
Quota Managers: Click the + button and use the Object Browser to browse to and select a user or group you want to serve as a quota manager by dragging the User or Group object over to the right pane. Repeat this for each user or group you want to establish as a quota manager.
If you do not specify a user or group as a quota manager, only members of the NSMAdmins group will be able to use the Quota Manager Web interface.
Click
to save your settings.Proceed with Section 5.5.6, Setting the Move Schedule.
This page lets you use a grid to specify when data can be moved during data migration operations.
By default, all days and times are available for data movement. If data movement during regular business hours creates unacceptable network performance, you can choose to move data after regular business hours.
In the left pane, click
.In the Data Move Schedule grid, click the squares for the day and hour you want to disable for data movement.
Click
to save your settings.Proceed with Section 5.5.7, Setting Cleanup Options.
This page lets you enable and specify cleanup rules for the user policy. Options for cleanup include deleting a home folder after a set number of days following the removal of a User object from Active Directory, or vaulting (rather than deleting) the home folder.
In the left pane, click
.Enable storage cleanup by filling in the following fields:
Enable: Select this check box to enable storage cleanup rules.
Cleanup storage: Specify the number of days a user home folder remains after the associated User object is removed from Active Directory.
Enable vault on cleanup by filling in the following fields:
Enable: Select this check box to enable vault on cleanup rules.
Vault Path: Click
to browse and select the share where you want the cleaned-up user home folders to be vaulted.When you indicate this path, it also appears in the
field of the Grooming Rules page, because grooming rules and vault on cleanup rules share the same vault path.Click
to save the settings.Proceed with Section 5.5.8, Setting Vault Rules.
When a User object is removed from Active Directory, you can have Novell Storage Manager vault the contents of the user’s home folder from a primary storage device to a less expensive secondary storage device. Novell Storage Manager lets you specify what to vault or delete through vault rules. For example, before vaulting a user’s home folder, you might want to remove all .tmp files. Or, you might want to vault only the user’s My Documents folder and nothing else in the home folder. You accomplish all of this through settings in the Vault Rules Editor.
In the left pane, click
.The
field displays the vault path that you established when you set up cleanup rules.Click the + button to bring up the Vault Rules Editor.
In the
field, specify a description of the vault rule.For example, “Files to delete before vaulting,” or “Files to vault.”
Fill in the following fields:
Action: Select whether this vault rule will delete or vault files.
If you select
, only the files or folders that you list in the text box are vaulted and the remainder of the home folder contents is deleted. Conversely, if you select , only the files or folder that you list in the text box is deleted and the remainder is vaulted.Files: If the vault rule you are creating will vault or delete content at the file level, leave the
option selected.Folders: If the vault rule you are creating will vault or delete content at the folder level, select the
option.Selecting
disables the filter settings in the lower portion of the Vault Rules Editor.Masks: List the files or folders you want to be vaulted or deleted, according to what is indicated in the
drop-down menu.File or folder names can contain an asterisk.
(Conditional) If the vault rule you are creating is specific to files, complete the applicable filter settings.
Leaving the setting as
, vaults or deletes all file types listed in the text box according to what is indicated in the drop-down menu. Choosing any of the other options from the drop-down menu lets you indicate files to delete or vault according to size, when created, when last modified, and when last accessed.Click
to save the vault rule.If necessary, create any needed additional vault rules by repeating the procedures above.
Proceed with Section 5.5.9, Setting Grooming Rules.
Grooming rules in Novell Storage Manager specify the file types that you do not want network users storing in their home folders. Examples of these might be MP3 and MP4 files, MOV files, and many others. You specify in the grooming rule whether to delete or vault a groomed file.
Grooming takes place as a Management Action that is run by the administrator. A Management Action is a manual action that is enacted through NSMAdmin. For more information, see Section 12.1.4, Management Actions.
In the left pane, click
.The
field displays the vault path that you established when you set up cleanup rules.Click the + button to bring up the Grooming Rules Editor.
In the
field, enter a description of the grooming rule.For example, “Files to groom in Henderson OU.”
Fill in the following fields:
Action: Select whether this grooming rule will delete or vault groomed files.
Files: If the grooming rule you are creating will vault or delete content at the file level, leave the
option selected.Folders: If the grooming rule you are creating will vault or delete content at the folder level, select the
option.Masks: List the files or folders you want to be vaulted or deleted, according to what is indicated in the
drop-down menu.File or folder names can contain an asterisk.
(Conditional) If the grooming rule you are creating is specific to files, complete the applicable filter settings.
Leaving the setting as
, vaults or deletes all file types listed in the text box according to what is indicated in the drop-down menu. Choosing any of the other options from the drop-down menu lets you indicate files to delete or vault according to size, when created, when last modified, and when last accessed.Click
to save the grooming rule.Proceed with Section 5.5.10, Notes.
The Notes page lets you enter up to 64,000 characters of notes for the policy you are creating. A practical use of this page is to provide a better description of the policy.
The Policy Summary page displays a summary of the policy settings in HTML format. The Policy Summary page provides an easy way to view all of the policy settings in a single page.