Creating a Share
How do I request Network File Storage service?
Where should I submit the ISR for Network File Storage payment?
ISRs should be submitted to the provider: IS&T - Systems Operations.
How long do I have to wait for my share to be created?
Shares are usually provisioned within two business days.
How much overhead should I account for when considering asking for storage space?
For Windows shares and NFS exports, storage is provisioned with an additional 10% above your request amount to allow for snapshot copy storage.
If your data is volatile, uncompressible or cannot be de-duplicated, you will incur above average snapshot reserve utilization and may need to purchase additional storage.
Currently, data protection overhead for S3 storage is 25%.
- e.g., For 1TB of storage, total storage required including data protection overhead will be 1.25TB.
Can I store restricted use and/or protected data?
This service has been approved for public, internal, confidential, and restricted use levels of data classification.
- Storing Restricted Use data is limited to data presented as Windows shares and requires additional licensing to ensure compliance.
- See Permissions Management & Data Loss Prevention for licensing information to protect Restricted Use data.
- Off- campus access to Restricted Use data requires use of the BU two-factor VPN with Duo Security (no single factor VPN is permitted to access).
- If you intend to save confidential data in the share, ensure the file is encrypted at the source prior to moving into the share.
Can I have a group or department share created, but not yet allow access to anyone but myself?
Windows Share (CIFS/SMB)
When a request comes in for a Windows share, we create a folder and grant an AD (Active Directory) security group or groups of your choice access to that folder. You can modify access by adding or removing members to/from the security group.
If you are using an existing security group with active members, we recommend creating a sub- folder within the parent share, which you can provision access to using standard Windows access management tools.
NFS
When you request an NFS export, you have root privileges on the host on which you will mount the NFS export from the share. Since you have root access, you are free to provision and remove access to your share whenever you’d like.
Using Your Share
How do I get access to my share space?
You should mount both the read/write and the read-only share paths provided by IS&T. CIFS/NFS shares are replicated every 15 minutes to a read-only storage cluster that can be accessed at any time. The full path of your share will be provided once it has been provisioned.
The file server names are provided below:
| Restricted-Use data? | Protocol | Read/Write site | Read-only site |
| No | CIFS (Windows) | \\nas1.bu.edu | \\nas2.bu.edu |
| Yes | CIFS (Windows) | \\nas-ru1.bu.edu | \\nas-ru2.bu.edu |
| No | NFS (Unix/Linux) | nas1.bu.edu | nas2.bu.edu |
- CIFS (Windows) Shares: Map the both the read/write and read-only share to separate Windows drives. General instructions for mapping network drives on Windows and Mac clients can be found on our Shared Network Drives page.
- NFS Exports: Mount the export to any mount-point of your choosing.
Following are instructions for mapping an NFS export called nas1.bu.edu:/ou/mydeptshare.
- For departmental or project archive share, substitute the NFS export name emailed to you when your archive was provisioned.
- If you have forgotten your archive NFS export name, please click on Help for assistance.
NFS v4 is available, however, support is under development. Mount your share using the NFS v3 mount option for your operating system:
Linux
Ensure that you are the root user in order to execute the following commands.
- # mkdir /myshare
- # mkdir /myshare-ro
- # mount –t nfs –o nfsvers=3 nas1.bu.edu:/ou/mydeptshare /myshare
- # mount –t nfs –o nfsvers=3 nas2.bu.edu:/ou/mydeptshare /myshare-ro
You should now be able to access both the read-only and read-write shares from the new mount-points.
Solaris
Ensure that you are the root user in order to execute the following commands.
- # mkdir /myshare
- # mkdir /myshare-ro
- # mount –F nfs –o vers=3 nas1.bu.edu:/ou/mydeptshare /myshare
- # mount –F nfs –o vers=3 nas2.bu.edu:/ou/mydeptshare /myshare-ro
You should now be able to access both the read-only and read-write shares from the new mount-points.
S3 Buckets
| Restricted-Use data? | Protocol | Site | Object Store Server | Transport | URL | |
| No | S3 | Boston | ist881-sgs3.bu.edu:10443
|
SSL/TLS | https://ist881-sgs3.bu.edu:10443
|
|
| No | S3 | 2nd site | isthol-sgs3.bu.edu.:10445
|
SSL/TLS | https://isthol-sgs3.bu.edu.:10445
|
|
IS&T will provide you with the Access Key ID and Secret Access Key for your S3 account over secure email (DataMotion) once provisioned.
What is Access-Based Enumeration (ABE)?
When Access-based enumeration is enabled, files and folders that users do not have permission to access are hidden. Access-Based Enumeration is CIFS share property that can be enabled or disabled at any time by request.
How do I access my share using CIFS from a Linux client?
Confirm your Linux kernel has CIFS support and that you have the samba-client rpm for the /sbin/[u]mount.cifs helper commands.
For Redhat/Centos distros, these are found in the cifs-utils rpm.
The mount.cifs and umount.cifs commands should be made suid-root to allow end users to mount and unmount their shares.
Create the mount directory
- [user@system]$ mkdir /myshare
Mount the share
- [user@system]$ mount.cifs //nas1.bu.edu/mydeptshare /myshare -o user=AD\\BUusername
- Password: *********
Change directory into your new share
- [user@system]$ cd mnt
When Access-based enumeration is enabled, files and folders that users do not have permission to access are hidden. Access-Based Enumeration is CIFS share property that can be enabled or disabled at any time by request.
- [user@system]$ ls -l
- total 4096
- -rwxrwSrwx 1 user staff 1020 Jun 27 05:31 README.txt*
- drwxrwxrwx 1 user staff 0 Jul 12 14:51 archive/
- -rwxrwSrwx 1 user staff 912681 Jun 27 06:05 bstnuniv1.tar.gz*
- drwxrwxrwx 1 user staff 0 Jul 13 16:26 data/
- drwxrwxrwx 1 user staff 0 Jul 18 15:19 user/
- drwxrwxrwx 1 user staff 0 Jul 14 14:54 home/
- -rwxrwSrwx 1 user staff 158 Jul 15 12:55 t.sh*
- -rwxrwSrwx 1 user staff 55 Jul 15 12:46 t.sh~*
Note: Permissions will appear misleading;
- File access is controlled on the NTFS windows side.
- The displayed permissions on the NFS client side are not relevant.
- If you’d like to unmount the directory:
- [user@system]$ umount.cifs /myshare
UNIX clients (including Linux) can also use samba command-line tools:
- smbclient – Provides an ftp like interface
- smbcacls – Can manipulate ACLs
What is the default access behavior for my share?
Windows (CIFS/SMB)
Your share folder is visible to everyone, but only you and your designated security group will be able to access any of the files within the folder.
NFS
Your share operates like any other folder in a UNIX file system; as the owner, you can set ownership and permissions for any file or folder in the share.
S3
Only users with the provided Access Key ID and Secret Access Key for your S3 account have access. It is best practice to store/transmit these securely. This includes not storing the keys in clear-text, utilizing encryption and secure email (e.g. DataMotion).
How do I browse my S3 bucket?
What are the snapshot frequencies and retention?
The snapshot frequencies and retention are:
- 4x daily with 36-hour retention
- Daily with one-week retention
- Weekly with twelve-week retention
How can I find out more about my storage utilization?
Clients using NFS (UNIX/Linux) to access their share can use df(1), du(1), and “ls –sR” commands to assess quota information for an entire allocation as well as individual directories and files.
Clients accessing their share using Windows (CIFS/SMB) can look at the Properties of their mapped drive.
How do I recover files that were accidentally deleted?
Windows
Users can find snapshots through the Previous Versions tab for the folder’s properties in Windows Explorer.
- In Windows Explorer, navigate to the folder in which the deleted file was stored.
- Position the cursor over a blank space in the folder, right-click, and then click Properties.
- Click the Previous Versions tab.
- Double-click the folder version that contained the file before it was deleted.
- Click the deleted file and then drag-and-drop or copy the shadow copy file to the folder that it was deleted from, or to another location where you want it to be available.
NFS
Users can find snapshots in the (hidden) .snapshot directory within their archive directory.
- [user@system]$ pwd
- /mydeptshare/Users
- [user@system]$ cd .snapshot
- [user@system]$ ls -1
- daily.2021-02-26_0010
- daily.2021-02-27_0010
- daily.2021-02-28_0010
- daily.2021-03-01_0010
- daily.2021-03-02_0010
- daily.2021-03-03_0010
- daily.2021-03-04_0010
- ist-6hour.2021-03-03_0600
- ist-6hour.2021-03-03_1200
- ist-6hour.2021-03-03_1800
- ist-6hour.2021-03-04_0000
- ist-6hour.2021-03-04_0600
- ist-6hour.2021-03-04_1200
- weekly.2021-02-07_0015
- weekly.2021-02-14_0015
- weekly.2021-02-21_0015
- weekly.2021-02-28_0015
Change directory to the selected snapshot and find desired file
- [user@system .snapshot]$ cd ist-6hour.2021-03-04_0600
- [usr@system user]$ ls
- ame cs eng sep watts
Copy the file back to desired location
- [usr@system user]$ cp watts /mydeptshare/Users/myfolder
S3
Any versioning is handled by the S3 application.
Yes. In the event of a serious outage, you can access the read-only replicated copy of your share. However, if you requested an un-replicated share, your content may be lost depending on the circumstances of the problem. If your content in an un-replicated archive is lost, it must be transferred from primary storage again.
Will I be able to add new files to the secondary location during a serious outage?
No. When the primary location is restored to service, you may add new files to your share.
What happens to the data in the share if I leave the University?
Your share quota will be set to 0 immediately; you will not be able to make any further additions to the share and notice will be sent to the notification address associated with your share. Your share will be deleted after 30 days unless other arrangements are made.
Reports and Quotas
How can I see the amount of my allocation that I have used?
UNIX/Linux users can run “du –sk” to determine current usage. Windows user can look at the Properties of their mapped drive.
Does my share have a limited quota I should be aware of? Will I be notified when I reach my limit?
Yes. You are limited to the amount of storage originally provisioned in your base allocation or which you have purchased. Once your share has reached its quota, you will be notified. You will also be able to purchase more space at any time.
If I use up my base allocation how do I request additional share space?
You can request to add more share space at any time, using the request form.
If you are an individual faculty or staff member whose directory is part of school or department’s shared space and you have exceeded your quota, contact your local IT professional to increase your quota or purchase additional space.
How do I pay for storage space?
When you request storage above the base allocation using the request forms, an invoice is attached to your ServiceNow request with instructions for payment.