This invention relates to a computer apparatus which includes a processor, a memory, and an interface, and more particularly, to a technology of integrating at least two or more services of user management domains as user management units.
A network attached storage (NAS) and a file server are apparatuses for providing file share services to a client computer via a network.
The NAS or the file server has conventionally been installed in each department to be operated. In this case, user management may be independently carried out for each department.
In this description, a user management unit will be referred to as user management domain. Also, a server that carries out user management will be referred to as user management server. For example, the user management server is a network information service (NIS) server, a domain name service (DNS) server, an active directory (AD) server, or Kerberos server.
An integration of the departments may necessitate integration of NAS' whose user management domains are different from one another. As a method of integrating NAS' or file servers, the following two methods are known.
The first integration method is disclosed in JP 2006-252085 A. According to this first integration method, a plurality of user management servers are integrated into one. In addition, file servers hold correspondence between user IDs managed by the plurality of user management servers before the integration and a user ID managed by one user management server after the integration for each file system. Accordingly, the file servers can be integrated.
The second integration method is disclosed in USENIX Annual Technical Conference, Jun. 10-15, 2002 Enhancing NFS Cross-Administrative Domain Access. According to the second integration method, integration of a plurality of file servers is realized without integrating a plurality of user management servers. First, an operated volume is migrated to a NAS after integration. Then, the NAS after the integration stores share configuration information. The share configuration information manages a user ID conversion method for each file or file share service.
Moreover, a technology called a global name space (GNS) is known. According to the GNS, a plurality of file share services provided by a plurality of NAS' are provided as a virtual single file share service. According to the GNS, because the number of mounting times of a client computer can be reduced, operation costs of the client computer can be curbed.
A technology disclosed in JP 2003-203029 A realizes a GNS by using a root node present between a client and a server (hereinafter, simply referred to as root node). However, the technology disclosed in JP 2003-203029 A is based on the premise that user management domains are the same.
In the integration method disclosed in JP 2006-252085 A, the user management servers need to be integrated. Thus, there is a problem of a large influence on the existing environment. Besides, data needs to be migrated from the file server before the integration to the file server after the integration.
In the integration method disclosed in USENIX Annual Technical Conference, Jun. 10-15, 2002 Enhancing NFS Cross-Administrative Domain Access, while integration of the user management servers is unnecessary, data has to be migrated from the file server before the integration to the file server after the integration. Besides, configuration is extremely complex during the integration.
Specifically, file share services to be integrated have to be defined for user management domains to be integrated. In addition, a mapping table indicating the correspondence between the user ID before the integration and user ID after the integration has to be defined. The mapping table needs to include correspondence for all existing users, causing a problem of an enormous data volume. When the data volume of the mapping table is enormous, a response to the client computer drops.
The GNS technology disclosed in JP 2003-203029 A can provide file share services of the same user management domains as a single file share service without migrating any data. However, file share services of different user management domains cannot be provided as a single file share service.