Re: [storage-discuss] No users show up with idmap dump or idmap show

Fri, 07 Mar 2008 08:08:48 -0800 

On Fri, Mar 07, 2008 at 05:58:32AM -0800, Bill wrote:
> This is my configuration to avoid any confusion, I hope :) I have a
> Linksys NAS 6000 that is my file server. It serves share as CIFS and
> NFS. My users will mount their home directories from this drive. So
> when they are on a Windows workstation they will mount their home
> directory as CIFS and when they are on a UNIX workstation, they will
> mount the exact same home directory as NFS. Will idmap allow, if set
> up correctly, the users to access files created on either workstation?

[BTW, I had been under the impression that you were using Solaris for
 the NAS.  This information you just gave us certainly helps!]

This depends on the capabilities of the NAS box in question.

If you're using NFSv3 then it's all up to whatever the NAS does and
idmap does not remotely enter the picture on the client side. [*]

If you're using NFSv4 and the NAS puts the correct Windows user/group
names on the wire[**] then configuring and running idmap on the client
absolutely will help.

If you want to use SMB on the Solaris client, that will work, but
currently the Solaris SMB client does not support viewing nor
manipulating Windows ACLs.

Nico


[*]  NFSv3 uses integer UIDs and GIDs on the wire, and the server and
     client have to agree on what these mean, which is why what the NAS
     you're using does for ID mapping is all-important in this case.

[**] NFSv4 uses [EMAIL PROTECTED] strings on the wire to represent users and
     groups.  The client and server still have to agree on what these
     mean (how to resolve them to locally meaningful identifiers), but
     they need not agree on how to represent those locally.

     In this case the nfsmapid and idmapd daemons can work together
     both, on Solaris clients and Solaris servers, to ensure that you
     can refer to Windows identities in your ACLs.

     In your case the NAS isn't a Solaris system, so it is still
     important that the names used by the NAS agree with the client's
     expectations, but it's not hard for the NAS vendor to get this
     right.
_______________________________________________
storage-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/storage-discuss

Reply via email to