Unsolved
This post is more than 5 years old
7 Posts
0
1812
Create group from Active Directory for Swift account group ownership
I would like to create a swift account and have that account/container owned by a group from active directory. I can successfully create a swift account and add a locally created group to it. When I try to create a swift account and name an AD group, it complains no such group. Okay so I need to add a group from AD on the Isilon first. The only problem, when I go to the add group section there is no search function. Once I select my active directory domain, the window literally lists all 4000 groups in my organization.
Okay off to the CLI -
A isi auth ads view returns"ONLINE" as well as the AD particulars. So AD is fine.
I have tried the following with no success:
isi auth groups create my_ad_groupname --provider ads:my.domain.com
Failed to add group my_ad_groupname: The authentication request could not be handled
isi auth ads modify --provider-name my.domain.com --findable-groups my_ad_groupname
Returns okay! All right now what? Cannot find the group anywhere and group create returns the same
So I go for another tact. I create a local group of the same name then try and add the SID with a
isi groups modify --group=my_ad_groupname --add-sid=1-5-21-2076390139-******************** --provider ads:my.domain.com
Returns Failed to create persona
What am I missing?
Thanks for your help!
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
1
July 29th, 2016 13:00
Are you using OneFS 8.0? You can use the command for a zone that is connected to AD or LDAP domain for authentication
isi swift accounts create [--zone ] [--users ] [{--verbose | -v}]
Example: isi swift accounts create 123 ADdomain\\testuser ADdomain\\groupA --zone ABC
Page 5 https://support.emc.com/docu65071_OneFS-8.0.0-Isilon-Swift-Technical-Note.pdf?language=en_US