Creating a Dtree

Prerequisites

• A namespace has been created.
• Dtrees cannot be created for audit log namespaces.

Procedure

1. Choose Resources > Resources > Dtree.
2. Select a desired account from the Account drop-down list in the upper left corner.
3. Click Create.

   The Create Dtree page is displayed on the right.

4. Set dtree parameters.

   Table 1 describes related parameters.

   Table 1 Dtree parameters

   Parameter	Description
   Name	Name of the dtree. [Value range] You can enter multiple dtree names separated by semicolons (;) or carriage returns. A dtree name: Must be unique. Can contain only digits, letters, periods (.), hyphens (-), and underscores (_). Contains 1 to 255 characters. Cannot only contain one or two consecutive periods (. or ..).
   Owning Namespace	Namespace to which the dtree belongs.
   Directory	Click Browse. On the Browse Directory page that is displayed, select a directory for the dtree. NOTE: You can click Create to create a directory. The directory name contains 1 to 255 characters, including only digits, letters, hyphens (-), and underscores (_). Click the search bar and enter the full path of the parent directory. The value contains 1 to 4095 characters, including only digits, letters, hyphens (-), and underscores (_). The value must start with a slash (/) and cannot use consecutive slashes (/). Click Modify in the row where the directory is located. On the Modify Directory page that is displayed, modify the access permissions of the directory. You can create a multi-level directory. Click in the row of a directory to go to the directory and create a sub-directory for it, or click to return to the upper-level directory. Click to refresh the directory information. Enter a directory name and click to search for the required directory information.
   Directory Name	Directory name of the dtree. If this parameter is left blank, the dtree name is used as the directory name by default. The dtree path consists of /Namespace/Directory/Directory name. For example, if Owning Namespace is set to ns, Directory is set to directory, and Directory Name is set to dir_name, the dtree path is /ns/directory/dir_name. [Value range] Each directory name must be unique in one parent directory, while same directory names can be used between different parent directories. The value can contain only digits, letters, periods (.), hyphens (-), and underscores (_). The value contains 1 to 255 characters. The value cannot be a period (.) or two consecutive periods (..).
   Security Style	Security style to be selected based on service requirements. Possible options are: Mixed: applies to scenarios where users of CIFS clients (using the SMB protocol) and UNIX clients (using the NFS, HDFS, or DPC protocol) can access and control dtrees. In this style, CIFS permissions (NT ACLs) and UNIX permissions (UNIX mode bits, POSIX ACLs, or NFSv4 ACLs) cannot co-exist. Only the latest configured permissions on either CIFS or UNIX clients take effect. Native: applies to the same scenarios as the Mixed style. The difference between the Native style and the Mixed style is that CIFS permissions (NT ACLs) and UNIX permissions (UNIX mode bits, POSIX ACLs, or NFSv4 ACLs) can co-exist and will neither affect nor synchronize with each other in Native style. NTFS: applies to scenarios where Windows NT ACLs control users' permissions. UNIX: applies to scenarios where UNIX mode bits, POSIX ACLs, or NFSv4 ACLs control users' permissions. NOTE: In Mixed style (which supports NT ACLs), if you configure an NT ACL for a file or directory on a Windows client and switch Mixed to UNIX, the NT ACL in Mixed style will become invalid.

5. Click Advanced and set WORM attributes of the dtree. That is, data is written once and read multiple times. You can set a protection period for a file. During the protection period, the file can be read but cannot be modified or deleted. After the protection period expires, the file can be deleted.
   1. Enable WORM.
   2. Select a policy mode for the dtree. Possible options are:
      

      After the policy mode is set to Compliance, it cannot be changed to Enterprise or None.

      • Enterprise: used by enterprises to implement internal control. The retention period and permissions of common users and privileged users are set to ensure secure data access security and prevent data tampering, protecting archived files and data of enterprises. During the retention period, common users cannot modify, rename, or delete files. Privileged users (system administrators) cannot modify or rename files, but can use their privileges to delete files. After the retention period expires, common users and system administrators cannot modify or rename files, but can read or delete files.

        Table 2 describes related parameters.

      • Compliance: applies to archiving scenarios where data protection mechanisms are implemented as required by laws and regulations. During the retention period, common users and system administrators cannot modify, delete, or rename files. After the retention period expires, common users and system administrators cannot modify or rename files, and common users can but system administrators cannot delete files.

        Table 2 describes related parameters.

        Table 2 Compliance and enterprise WORM policy mode parameters

        Parameter	Description
        Max. Retention Period	Maximum protection period supported by a specified dtree.
        Min. Retention Period	Minimum protection period supported by a specified dtree.
        Default Retention Period	Default protection period after a file enters the protection state.
        Auto Lock	After this function is enabled, if a file is not modified within the default waiting time, the file automatically enters the locked state.
        Legal Hold File Modification	Common users and privileged users cannot delete legal hold files within the retention period. After the function is enabled, the retention periods of the legal hold files can be modified.

6. Click OK.