This post is more than 5 years old
7 Posts
0
1155
Mapping UIDs to new NX4 from existing EMC device
Situation: Win2K domain with several hundred users / groups. There is an existing (older) EMC device (unknown model) that is used for home directories. It has CIFS shares and exports NFS mount points for each share. All user account info is set via MMC snapin on primary domain controller.
We got an NX4 recently and set it up as a secondary file share device. The hope was that we could use it for CIFS and NFS as well.
CIFS is working fine but the UID/GID info is not being inherited from the AD domain properly. All accounts are getting new values from 32768 and rising.
Expectation: that the AD values for UID / GID would be picked up by the new device when it joined the domain.
I used 'server_cifssupport' to get the lists from both old and new machines. On the old machine I see the expected account info with 'nis' or 'active directory' listed as the source. On the new machine I see only a few accounts and each has 'usermapper' listed.
I looked at the usermapper service on the new machine: bin/server_usermapper server_2
server_2 : Usrmapper service: Initialized
Service Class: Primary
Sounds like its trying to run so I disabled it. This didn't seem to have any effect on the list from 'server_cifssupport'.
Looking at the same value on the old machine I see:
server_2 : Usrmapper service: Uninitialized
So it looks like I want to revert the new system to this 'uninitialized' state. How? Is this even the correct approach? Do I want to delete everything from the 'usermapper' as well?
Am I headed down the wrong track altogether?
Rainer_EMC
8.6K Posts
0
November 22nd, 2011 03:00
If you are getting UID/GIDs mapped above 32768 then you are just using the default builtin usermapper.
If you want “static” mapping from AD or other sources you need to specifically configure this.
Please see the CIFS and Name services manuals.
Rainer
bergec
275 Posts
0
November 22nd, 2011 03:00
In order to understand name mapping service, make sure you read the "Configuring Name Services" Tech Manual
Look at NIS configuration on the old NS, the service should be started (CLI command "server_nis"), look at server parameters as well (I don't know the revision so not sure if they are available in the GUI or via CLI command "server_param" on that old NS
If not in the GUI or CLI command, that do a cat of /nas/server/slot_2/param and /nas/site/slot_param
Claude
ethr0
7 Posts
0
November 22nd, 2011 05:00
what I've done (in response):
updated nsswitch.conf (set user, group, passwd, shadow to 'file nis'):
(no default was set so I copied from /nas/sys to ~, edited and then set via server_file server_2 -put nsswitch.updated nsswitch.conf )
modified usADMap ( set to 1 ):
server_param server_2 -facility cifs -modify useADmap -value 1
cleared out secmap cache ( reloaded all the cached values - appears to be working as all are coming from nis now ):
server_cifssupport server_2 -secmap -update -name -domain
server_cifssupport server_2 -secmap -list
Follow up:
Went back to control station on new machine and reset all UID and GID. Appears to be working now.