By default, your system is in workgroup mode. If you'd like to join the domain, you need to run "smbadm join" CLI. There is no reason for the idmap daemon to talk to Active Directory in workgroup mode because CIFS only needs to obtain SID for local users and groups and all the ID<->SID conversions for security descriptors. Apparently, the idmapd needs some enhancement. To get around this for now, you need to disable the idmap daemon from performing auto-discovery by setting all the auto-discoverable SMF properties of the idmap service: config/domain_name, forest_name, site_name, domain_controller and global_catalog.
For example: svccfg -s idmap setprop config/domain_name=astring:"" setprop config/forest_name=astring:"" setprop config/site_name=astring:"" setprop config/domain_controller=astring:"" setprop config/global_catalog=astring:"" Regards, Natalie > > > -------- Original Message -------- > Subject: [storage-discuss] CIFS Share on ZFS > Date: Sun, 25 Nov 2007 13:15:39 -0800 (PST) > From: Leonid Kogan <[EMAIL PROTECTED]> > To: [email protected] > > > > Hi there, > Can anyone point me to the step-by-step procedure of CIFS share on the > ZFS dataset? > I've tried to: > zfs set sharecifs=name=s1 noapp/s1 > > When I try to connect to \\192.168.163.77\s1 I can pass the > authentication stage. > Here's the id mapping: > > bash-3.2# idmap list > add winuser:test unixuser:test > bash-3.2# > > Following is the log of the idmapd: > > [ Nov 25 23:12:32 Executing start method ("/usr/lib/idmapd"). ] > idmapd: searching DNS for SRV RRs named '_ldap._tcp.dc._msdcs' > idmapd: Found _ldap._tcp.dc._msdcs.pv.local 600 IN SRV [0][100] > dc.pv.local:389 > idmapd: querying DNS for SRV RRs named '_ldap._tcp.dc._msdcs' > idmapd: Found _ldap._tcp.dc._msdcs.pv.local 600 IN SRV [0][100] > dc.pv.local:389 > idmapd: LDAP SASL bind to dc.pv.local:389 failed (Local error) > idmapd: Couldn't open and SASL bind LDAP connections to any domain > controllers; discovery of some items will fail > idmapd: LDAP SASL bind to dc.pv.local:389 failed (Local error) > idmapd: Couldn't open and SASL bind LDAP connections to any domain > controllers; discovery of some items will fail > idmapd: unable to discover Forest Name > idmapd: LDAP SASL bind to dc.pv.local:389 failed (Local error) > idmapd: Couldn't open and SASL bind LDAP connections to any domain > controllers; discovery of some items will fail > idmapd: unable to discover Site Name > idmapd: LDAP SASL bind to dc.pv.local:389 failed (Local error) > idmapd: Couldn't open and SASL bind LDAP connections to any domain > controllers; discovery of some items will fail > idmapd: unable to discover Global Catalog > idmapd: Global catalog server is not configured; AD lookup disabled > idmapd: AD lookup disabled > idmapd: list_size_limit=0 > idmapd: default_domain=pv.local > idmapd: domain_name=pv.local > idmapd: machine_sid=S-1-5-21-693970100-1432840667-3240933681-880000187 > idmapd: domain_controller=dc.pv.local port=389 > idmapd: forest_name=null > idmapd: site_name=null > idmapd: No global catalog servers known > [ Nov 25 23:12:36 Method "start" exited with status 0. ] > > > I looks like I have to define somewhere the credentials for the AD > connection or to perform some other action to "join" the AD domain. > Unfortunately I can't find any documentation that explains this subject. > > I'd really appreciate any help. > > > Thanks in advance, > LK > > > This message posted from opensolaris.org > _______________________________________________ > storage-discuss mailing list > [email protected] > http://mail.opensolaris.org/mailman/listinfo/storage-discuss > > _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
