Hi all SMB experts,
I am testing (on a x4500 - Mirrored rpool and a big zfs raidz2
collection for another big storage pool) the use of Opensolaris and
the SMB server on build snv_101b. I am particularly interested in the
SMB server cause unfortunately our desktop fleet here is Windows, so a
user group here wishes to control access to and use their data all
from their Windows machines and schedule jobs to *nix boxes to analyse
the data on other occasions. So I am stuck in using Windows ACL based
file system ACLs to fulfill the needs of our user and also allow fast
access for computation with our linux cluster. The other main reason I
wish to use Opensolaris is so I can use ZFS send to another x4500
device that is stored off site for backup.
I have read countless amounts of doco on this topic and have
successfully got shares 'shared' but I am having difficulty with a few
things, in particular:
1)
- When I restart the smb/server:default service I have to 'rejoin' our
domain in order to resolve SIDs again (smbadm join -u administrator
domain.gov.au)
Is there any bug for this or am I doing something wrong? Should I have
to re-join all the time. I do remember reading that it has not been
supported in a domain with multiple domain controllers which we have
here.
2)
- The other main problem I have is that different areas with the ZFS
volume need specific groups allowed access. I would love to be able to
create AD groups and add that group's access into the file systems ACL
and have that inherited nicely down the file system tree. I am making
the top level of my filesystem 777 within Opensolaris and allows the
ACL to control access as it is only exported via SMB.
e.g. create a dir at the root of my zfs, then on that folder add read/
write to a Active Directory group and allow that to inherit.
a) Is that possible with ZFS and the current SMB implementation?
b) Am I going about this the wrong way?
If you would like any output of the cifs-gendiag let me know. Feel
free to contact me via any means.
Any assistance would be appreciated, I don't want to have to run
windows on the beautiful piece of hardware,
---
Cooper Ry Lees
UNIX Evangelist - Information Management Services (IMS)
Australian Nuclear Science and Technology Organisation
T +61 2 9717 3853
F +61 2 9717 9273
M +61 403 739 446
E [EMAIL PROTECTED]
www.ansto.gov.au
Important: This transmission is intended only for the use of the
addressee. It is confidential and may contain privileged information
or copyright material. If you are not the intended recipient, any use
or further disclosure of this communication is strictly forbidden. If
you have received this transmission in error, please notify me
immediately by telephone and delete all copies of this transmission as
well as any attachments.
_______________________________________________
cifs-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
