I was wondering whether anyone has used and had any success in giving Active Directory computer accounts access rights to CIFS shares on the Celerra?
We are in the process of deploying SCCM which has a requirement for the computer object to have read rights to a share. I previously raised a call with EMC as I was unable to even add the workstation to the share. As it is a computer object we did initially try changing just the compter attributes specified in the ldap.conf file for idMU mappings on the Celerra, so basically the ipHostNumber, but as that did not work we tried treating it as a user account and populating the attributes that a user object would have (namely uid, uidNumber, gidNumber). While this allowed the computer object to be added to the share, actual access for the service did not seem to work but this seems to be more a Windows issue than a Celerra issue so no further support was provided.
Has anyone managed to actually get this sort of scenario to work?
you can add a computer account to the share.
Simply edit the security entries of the share, and add "Computers" on the object type to be searched.
I have done this to configure "null access" to the shares. I am not sure if this is what you need, but if so, you need to edit one parameter on the Data Mover.
See primus "1.0.158511904.2816319" and emc73534 if this is the case.
It appears that your question have been answered. Is the answer helpful?
If so, please mark the question as "Answered". Your response and feedback would assist other participants.
Your panticipation to the forum is appreciated.