We are unable to browse domain security principles for applying resource permissions. When we go to add either a user or group to a folder or file security DACL, the 'Locations' option is set to the solaris box (in this case 'sjm-b84'). Usually on another Windows servers, storage arrays (e.g. NetApp), solaris 10 or linux based file server we can change the location to include the domain so that we can add permissions for users or groups in the domain to the share on the file server. However, thus far the only location that can be selected has been the Solaris b84 node. The multi-domain controller environment is configured to best practices, we can browse and search the directory from both Windows and non-Windows operating systems, and the SAMBA server in Solaris 10 can actually search against the domain. In other words, we've isolated the only variable to the b84 instance in regards to this problem. The b84 node was able to join the domain successfully without issue. In trying to configure the CIFS client, "sharectl set -p ads_domain=<domain>" fails with "ads_domain: not defined". Domain consists of three Windows 2003 Servers; member servers have various operating systems: Windows 2008, Windows Vista, Windows XP, Solaris 10, Solaris 9, SuSE 10, RHEL4, RHEL5, Ubuntu 7. # sharectl get smb system_comment= max_workers=64 netbios_scope= lmauth_level=4 keep_alive=5400 wins_server_1= wins_server_2= wins_exclude= signing_enabled=false signing_required=false restrict_anonymous=false pdc= ads_site= ddns_enable=false autohome_map=/etc
# smbadm list security mode: domain domain name: hb.acsportal.com /etc/resolv.conf and /etc/krb5/krb5.conf is attached. Suggestions and assitance is appreciated! Best Regards, Nick Ross
krb5.conf
Description: krb5.conf
resolv.conf
Description: resolv.conf
_______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
