My goal is to put a few SQL server backup devices on a zfs based CIFS
share and allowing only 3 specific domain users to access the share.
I then plan on sharing the parent pool out via NFS (version 3) for
spooling to tape backup system.
I have joined our b84 solaris x86 cifs to our AD domain with:
#svcadm enable -r smb/server
#smbadm join -u domadm corp.addom.local
#svcadm restart smb/server
then I created a CIFS share on my zpool:
#zfs create -o casesensitivity=mixed -o sharesmb=on zpool/winshare
Now this is where I get confused as to how to accomplish my goal. I
need to allow write by these three users who are all in different
windows groups. I don't want to chmod 777 just to have these users be
able to all read/write because that would mean that any domain user
could read/write! Is the answer using IDMAP with chmod ACL's?
Could I somehow use SID's in the chmod command?
'idmap dump' shows my SID after I connect to the share for the first
time with an entry in the log that says:
Mar 21 14:04:27 beefeater smbsrv: [ID 138215 kern.notice] NOTICE:
smbd[ADDOM\andyl]: . access denied
Mar 21 14:04:29 beefeater smbsrv: [ID 138215 kern.notice] NOTICE:
smbd[ADDOM\andyl]: zpool_winshare rw access granted
Thanks in Advance,
-Andy
_______________________________________________
storage-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/storage-discuss
