At IU, how do I access the SDA via Samba?

At Indiana University, you can use the Samba protocol to access the Scholarly Data Archive (SDA) on your Windows, OS X, or Linux workstation. A Samba connection gives you read-only access to your SDA account and any shared directories (and files) you have permission to access. If you are connecting from off campus (i.e., outside the IU network), you must establish a VPN connection first; see About the IU VPN.

Note: To prevent potential file corruptions, UITS established a read-only policy for Samba connections to the SDA (effective January 17, 2015). The SDA is a tape-based system, unsuitable for real-time editing in general. Real-time editing via Samba can corrupt SDA files (particularly when Microsoft Office applications are used). The read-only policy was implemented because system administrators have no way of selectively preventing real-time editing in Samba. To transfer files to the SDA, use SFTP/SCP, HSI/HTAR, or the SDA web interface.

On this page:


Windows

Note: To connect via Samba to a ARCHIVED: UITS Research Storage system from a Windows computer that is not joined to the Indiana University ADS domain, you may need to run a tool that disables LM/NTLMv1. See What is the tool that disables LM/NTLMv1, and where can I get it?

To map a drive to your personal or group SDA account via Samba:

  1. In Windows 8.x, press Win-e, and then in the left column of the resulting window, right-click Computer or This PC.

    In Windows 7 and earlier, from the Start menu, right-click Computer.

  2. Select Map Network Drive.
  3. In the "Path:" or "Folder:" field, enter the path for the SDA account (replace sda_account with your personal or group account Network ID username):
      \\smb.sdarchive.iu.edu\sda_account

    Note: To access a shared directory belonging to another user (or group), replace sda_account with one of the share names listed on this page under Accessing a shared directory.

  4. When prompted, enter your personal or group Network ID username, prepended with ads\ to indicate the IU ADS domain (e.g., ads\sda_account), and passphrase.

The SDA will be mapped as a drive on your workstation, providing read-only access to the files and folders you have permission to access.

Note:
In accordance with standards for access control mandated by the HIPAA Security Rule, you are not permitted to access data containing protected health information (PHI) using a group (or departmental) account. To ensure accountability and permit access to authorized users only, IU researchers must use their personal IU username and passphrase for all work involving PHI.

Back to top

OS X

To mount your personal or group SDA account via Samba:

  1. In the Finder, from the Go menu, select Connect to Server.
  2. In the Connect to Server window, in the "Server Address:" field, enter the path for the SDA account (replace sda_account with your personal or group account Network ID username):
      smb://smb.sdarchive.iu.edu/sda_account

    Note: To access a shared directory belonging to another user (or group), replace sda_account with one of the share names listed on this page under Accessing a shared directory.

  3. Click Connect.
  4. When prompted, enter your personal or group Network ID username and passphrase, and then click Connect.

The SDA will be mounted on your workstation, providing read-only access to the files and folders you have permission to access.

Note:
In accordance with standards for access control mandated by the HIPAA Security Rule, you are not permitted to access data containing protected health information (PHI) using a group (or departmental) account. To ensure accountability and permit access to authorized users only, IU researchers must use their personal IU username and passphrase for all work involving PHI.

Back to top

Linux

To mount your personal or group SDA account via Samba:

  • If you have root access on the workstation:
    1. Log in as root, and then create an empty mountpoint directory for the SDA account; on the command line, enter the following (replace sda_account with the appropriate Network ID username):
        mkdir /sda_account
    2. Mount the SDA account; on the command line, enter the following (replace sda_account and sda_user with your personal or group Network ID username, and local_user with the local non-root username that should have access to the SDA account):
        mount.cifs //smb.sdarchive.iu.edu/sda_account /sda -o user=sda_user,uid=local_user,sec=ntlmv2,domain=ads

      Alternatively:

      • If the local non-root username is identical to the SDA account username, you can omit uid=localuserid .
      • To map a group SDA account to a local non-root group username, use gid=local_user instead of uid=local_user .
      • To access a shared directory belonging to another user (or group), replace sda_account with one of the share names listed on this page under Accessing a shared directory; replace sda_user your personal or group account username (whichever was granted permission to access the shared directory).

      Note: In some cases, the sec=ntmlv2 option does not work under Red Hat Enterprise Linux 6 (RHEL 6); try sec=ntlmssp instead.

    3. When prompted, enter your personal or group Network ID passphrase.
  • If you do not have root access on the workstation:
    1. In your home directory, create an empty mountpoint directory for the SDA account; on the command line, enter the following (replace sda_account with the appropriate Network ID username):
        mkdir ~/sda_account
    2. Mount the SDA account; on the command line, enter the following (replace sda_account and sda_user with your personal or group Network ID username, and local_user with the local non-root username that should have access to the SDA account):
        mount.cifs //smb.sdarchive.iu.edu/sda_account /sda -o user=sda_user,uid=local_user,sec=ntlmv2,domain=ads

      Alternatively:

      • If the local non-root username is identical to the SDA account username, you can omit uid=localuserid .
      • To map a group SDA account to a local non-root group username, use gid=local_user instead of uid=local_user .
      • To access a shared directory belonging to another user (or group), replace sda_account with one of the share names listed on this page under Accessing a shared directory; replace sda_user your personal or group account username (whichever was granted permission to access the shared directory).

      Note: In some cases, the sec=ntmlv2 option does not work under Red Hat Enterprise Linux 6 (RHEL 6); try sec=ntlmssp instead. If the mount.cifs command does not work without root access, contact your system administrator.

    3. When prompted, enter your personal or group Network ID passphrase.

When you are finished, unmount the SDA account:

  • As root, enter:
      unmount.cifs /sda_account
  • As a non-root user, enter:
      unmount.cifs ~/sda_account
Note:
In accordance with standards for access control mandated by the HIPAA Security Rule, you are not permitted to access data containing protected health information (PHI) using a group (or departmental) account. To ensure accountability and permit access to authorized users only, IU researchers must use their personal IU username and passphrase for all work involving PHI.

Back to top

Accessing a shared directory

To access a directory that another user (or group) is sharing with you:

  1. Use one of the following share names to replace sda_account in the above instructions (for Windows, OS X, or Linux):
    Share name Description
    hpss-home Maps to the top-level directory in cos1, the class of service (COS) for small files (up to 4 MB)
    hpss-home-medium Maps to the top-level directory in cos2, the COS for medium files (from 4 MB to 64 MB)
    hpss-home-large Maps to the top-level directory in cos3, the COS for large files (from 64 MB to 1 TB)
  2. From the top-level directory, navigate to the SDA account(s) you have permission to access. SDA accounts are stored off the top-level directory based on the first two characters of their usernames; for example, from the top level, to navigate to the account for username owkenobi, on the command line, enter:
      cd o/w/owkenobi

Note: You cannot view files in an account belonging to another user (or group) unless the owner of the account sets permissions that grant you access. For information about setting permissions in shared directories, see At IU, how do I use ACLs to share my SDA data with other users?

This is document auxm in the Knowledge Base.
Last modified on 2015-05-18 00:00:00.

  • Fill out this form to submit your issue to the UITS Support Center.
  • Please note that you must be affiliated with Indiana University to receive support.
  • All fields are required.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.

  • Fill out this form to submit your comment to the IU Knowledge Base.
  • If you are affiliated with Indiana University and need help with a computing problem, please use the I need help with a computing problem section above, or contact your campus Support Center.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.