Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Brenton1

4 Posts

1000

July 13th, 2009 17:00

Configuring Celerra to use AD as primary auth source and not usermapper

Has anyone got or know of a large NAS / NX4 site that uses AD as the primary authentication source, rather than the internal user mapper? I'm interested in how they have populated the UID and GID in the AD objects for the permissions transalation.

Because we do NOT use usermapper as we want mixedmode access, we need to populate the AD object with the UID, this is the users staff id which is a unique number.

Currently there does not seem to be a nice method to populate new user accounts and groups with a unique UID and GID for the NAS.

We have 40000 objects and 1000's of new students each year and currently other than a script to manually populate the AD objects there doesnt seem to be a nice clean method to do this

BillStein-Dell

Moderator

 • 

284 Posts

July 14th, 2009 02:00

Sadly, there isn't any graceful way to manage an extended AD schema. One way or another, you'll be customizing a solution. Even if there are third-party utilities out there which can handle administration of extended AD schemas, you'll still need to do some level of customization to fit your environment. I suspect that your "add a new user" procedure will need to be modified so that admins populate the UID field with the staff ID as they create new users.

Creating all the UIDs for the existing users, however, might be a little easier. We do have utilities which allow you to import Unix-style passwd files into the new AD schema. Accordingly, if you create a passwd file-formatted flat file with usernames and, instead of UIDs, you substitute the user's staff ID, you should be able to use the existing import tools to populate them. Check with your field representatives to get a hold of the import tools.

cadencep45

1 Rookie

 • 

299 Posts

August 30th, 2016 01:00

Hi,

I know this thread is old, but this is something I am interested in, i.e. import tool to populate UID field in AD from a NIS passwd file. Can I simply point field representative at this thread ?

umichklewis

1.2K Posts

August 30th, 2016 06:00

That's probably a good idea.  The import tools were still available, circa 2014, as I was involved with a project that used them. 

View More

View All

No Events found!

Top