This is strange. No one on the testing team has seen this problem. A network capture might be helpful to diagnose this problem.
Regards, Natalie Nick Ross wrote: > The Windows client is one of the domain controllers. We have also > tried this on a Windows Server 2008 node, a Vista node, and an XP > node, all members of the domain. > > Again, we can browse and assign permissions for *any* other domain > member server and/or CIFS integrated storage array. > > This occurs only from shares on the b84 node, regardless of the domain > member system that we use. > > Best Regards, > Nick Ross > > ------------------------------------------------------------------------ > *From:* Natalie Li [mailto:[EMAIL PROTECTED] > *Sent:* Tue 3/18/2008 6:00 PM > *To:* Nick Ross > *Cc:* [email protected]; linda kateley; > [EMAIL PROTECTED]; Josh Wells; [EMAIL PROTECTED] > *Subject:* Re: [storage-discuss] [b84] can not browse domain security > principles > > Nick Ross wrote: > > > We are unable to browse domain security principles for applying > > resource permissions. > > > > When we go to add either a user or group to a folder or file security > > DACL, the 'Locations' option is set to the solaris box (in this case > > 'sjm-b84'). Usually on another Windows servers, storage arrays (e.g. > > NetApp), solaris 10 or linux based file server we can change the > > location to include the domain so that we can add permissions for > > users or groups in the domain to the share on the file server. > > However, thus far the only location that can be selected has been the > > Solaris b84 node. > > Is your Windows client joined to the same domain as well? If not, it > explains why you only see users/groups that is local to your Solaris b84 > node. > Try by joining your client to the same domain to see if it resolves your > problem. > > > > > The multi-domain controller environment is configured to best > > practices, we can browse and search the directory from both Windows > > and non-Windows operating systems, and the SAMBA server in Solaris 10 > > can actually search against the domain. In other words, we've > > isolated the only variable to the b84 instance in regards to this > problem. > > > > The b84 node was able to join the domain successfully without issue. > > In trying to configure the CIFS client, "sharectl set -p > > ads_domain=<domain>" fails with "ads_domain: not defined". > > The ads_domain property along with many other ADS related properties are > obsolete as of snv_79. Thus, you don't need to manage them via sharectl > CLI. > > Regards, > > Natalie > > > > > Domain consists of three Windows 2003 Servers; member servers have > > various operating systems: Windows 2008, Windows Vista, Windows XP, > > Solaris 10, Solaris 9, SuSE 10, RHEL4, RHEL5, Ubuntu 7. > > > > # sharectl get smb > > system_comment= > > max_workers=64 > > netbios_scope= > > lmauth_level=4 > > keep_alive=5400 > > wins_server_1= > > wins_server_2= > > wins_exclude= > > signing_enabled=false > > signing_required=false > > restrict_anonymous=false > > pdc= > > ads_site= > > ddns_enable=false > > autohome_map=/etc > > # smbadm list > > security mode: domain > > domain name: hb.acsportal.com > > /etc/resolv.conf and /etc/krb5/krb5.conf is attached. > > > > Suggestions and assitance is appreciated! > > > > Best Regards, > > Nick Ross > > > >------------------------------------------------------------------------ > > > >_______________________________________________ > >storage-discuss mailing list > >[email protected] > >http://mail.opensolaris.org/mailman/listinfo/storage-discuss > > > > > >------------------------------------------------------------------------ > >_______________________________________________ >storage-discuss mailing list >[email protected] >http://mail.opensolaris.org/mailman/listinfo/storage-discuss > > _______________________________________________ storage-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/storage-discuss
