Unsolved
This post is more than 5 years old
5 Posts
0
558
Updating ACLs after modifying secmap
I am in a situation where we need to delete stale entries from the secmap table where we have users with multiple entries. My goal is to delete the entries that do not map to a valid Active Directory SID. There may also be UIDs/GIDs that I need to change as well move from using usermapper to Active Directory as the source for UID/GID mappings. In the document Configuring Celerra User Mapping a note on page 12, under "Checking and updating secmap mapping entries, states: "After an update is performed, an update of the ACLs of all file systems should be forced to take account of the new mappings". However, I can't seem to find anywhere exactly how to update the ACLs.
How do I update the ACLs?
What side-effects may occur if I change a UID/GID for a user or group?
Peter_EMC
674 Posts
0
October 10th, 2010 23:00
The solution is written in the same document, you are refering to.
"Note: After an update is performed, an update of the ACLs of all file systems should be
forced to take account of the new mappings.
"Check secmap mapping entries" on page 37 and "Update secmap mapping
entries" on page 38 describe these tasks."
Action
To update all the secmap mapping entries, use this command syntax:
$ server_cifssupport -secmap -update { -name
-domain | -sid }
where:
= name of the Data Mover
= name of the user or group
= the fully qualified domain name
= SID
Example:
To update all the secmap mapping entries on server_2, type:
$ server_cifssupport server_2 -secmap -update -user user3 -domain
NASDOCS
Output Note
server_2 : done The output displays all mappings that have
been updated.