There is a custom Auth mode I think that allows you to use ad for Auth and LDAP for identity. You'd could do what you wanted but you'd need another LDAP instance that mapped the ad usernames to the UID that is only used by SMB.
Hack yes. Simon ________________________________________ From: [email protected] [[email protected]] on behalf of [email protected] [[email protected]] Sent: 07 March 2019 22:10 To: [email protected]; gpfsug main discussion list Subject: Re: [gpfsug-discuss] Exporting remote GPFS mounts on a non-ces SMB share We have many current usernames from LDAP that do not exactly match with the usernames from AD. Unfortunately, i guess CES SMB will need us to use either AD or LDAP or use the same usernames in both AD and LDAP. I have been looking for a solution where could map the different usernames from LDAP and AD but have not found a solution. So exploring ways to do this from RHEL SMB. I would appreciate if you have any solution to this issue. As of now we use LDAP uids/gids and SSH keys for authentication to the HPC cluster. We want to use CES SMB to export the same mounts which have LDAP usernames/uids/gids however because of different usernames in AD - it has become a challenge. Even if we do find a solution to this, i want to be able to use AD authentication for SMB and ssh key authentication for NFS. The above are the reasons we are just using CES with NFS and user defined authentication for users to have access with login through ssh keys. Regards, Lohit On Mar 7, 2019, 3:12 PM -0600, Andrew Beattie <[email protected]>, wrote: That would not be supported You shouldn't publish a remote mount Protocol cluster , and then connect a native client to that cluster and create a non CES protocol export if you are going to use a Protocol cluster that's how you present your protocols. otherwise don't set up the remote mount cluster. Why are you trying to publish a non HA RHEL SMB share instead of using the HA CES protocols? Andrew Beattie File and Object Storage Technical Specialist - A/NZ IBM Systems - Storage Phone: 614-2133-7927 E-mail: [email protected]<mailto:[email protected]> ----- Original message ----- From: [email protected] Sent by: [email protected] To: [email protected], gpfsug main discussion list <[email protected]> Cc: Subject: Re: [gpfsug-discuss] Exporting remote GPFS mounts on a non-ces SMB share Date: Fri, Mar 8, 2019 7:05 AM Thank you Andrew. However, we are not using SMB from the CES cluster but instead running a Redhat based SMB on a GPFS client of the CES cluster and exporting it from the GPFS client. Is the above supported, and not known to cause any issues? Regards, Lohit On Mar 7, 2019, 2:45 PM -0600, Andrew Beattie <[email protected]>, wrote: https://www.ibm.com/support/knowledgecenter/en/STXKQY_5.0.2/com.ibm.spectrum.scale.v5r02.doc/bl1adv_configprotocolsonremotefs.htm _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
