bergec
3 Argentium

Re: SID -> UID/GID Mapping

Have you checked that you can get a valid UID or GID mapping with "server_ldap server_2 -lookup" (check exact syntax)

Also check CIFS resolver param. By default the DM searches user.domain (not just user). Use server_param command to change it, name of the facility is "cifs"

Claude

cmschube-dell
1 Copper

Re: SID -> UID/GID Mapping

Hey Claude -

Thanks for the response.

bergec wrote:

Have you checked that you can get a valid UID or GID mapping with "server_ldap server_2 -lookup" (check exact syntax)

Also check CIFS resolver param. By default the DM searches user.domain (not just user). Use server_param command to change it, name of the facility is "cifs"

Claude

I did get this working last night. Funny though, the ultimate resolution was to disable the cifs facility param (set it to 1 - even though everything I read told me to leave it enabled for an AD/IdMU configuration). I disabled my usermapper service and had to clean out some residual entries. I didn't realize that disabling the usermapper service just caused the dm to continue to query the usermapper's exisiting entries, just not to add new entries.

One thing I did notice though is that I had to query LDAP for the UID via "server_ldap server_2 -lookup -uid <UID>" before I could get "server_ldap server_2 -lookup -name <name> -domain <domain>" to work. I don't think that should be normal operation?

But anywho, that should take care of this problem. Now to figure out why NFS is so bloody slow (4Mb/sec MAX copy rate ).

Thanks again everyone for the replies.

Chris

0 Kudos
Rainer_EMC
5 Osmium

Re: SID -> UID/GID Mapping

keep in mind that secmap is a permanent cache - an entry there will never get updated or expire unless you explicitly delete it with server_cifssupport

0 Kudos