urle
48 Posts
1
September 5th, 2011 04:00
The only platform to achieve this I found is with Celerra. We have the same situation (a forever ongoing merger between two institutions, two old and one new AD domain with no trusts in between and persons with accounts in only one, two or all three ADs).
You have to care for a unique UID for every person - that means every account for the person in the different domains shares the same UID. You have a CIFS server in every domain exporting the same filesystems. The owner of an object in domain A has no rights on it in the other domains, but with an account in domain B with the same UID Windows treats him as the owner of this object so he can resume the ownership in that domain too and set the appropriate rights in domain B. The existing ACLs of domain A will coexist but are shown only as hex-strings because all domain B servers can't resolve the account name out from domain A.
Until now I couldn't find another NAS platform where I can do the same thing.
Hope this helps, urle
Rainer_EMC
4 Operator
8.6K Posts
1
September 5th, 2011 06:00
I think if it’s CIFS only with NATIVE access policy then you don’t have to have the same UID for every user.
You would of course have to make sure that the ACLs permit access to all users - i.e. Allow Everyone
AFAIK Everyone is a special SID that is not domain specific
Rainer
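The SID layout behind the two replies above, as an added example that is not part of the original thread: it decodes binary SIDs and shows which ACL entries a server in one domain can resolve and which stay raw. The domain identifiers and RIDs are constructed sample values, and treating every `S-1-5-21-a-b-c-RID` SID as a domain account is a simplifying assumption.

```python
import struct

def parse_sid(raw: bytes) -> str:
    """Decode a binary Windows SID into its S-R-A-S1-S2... string form."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if len(raw) != 8 + 4 * count:
        raise ValueError("sub-authority count does not match length")
    authority = int.from_bytes(raw[2:8], "big")   # 48-bit, big-endian
    subs = struct.unpack(f"<{count}I", raw[8:])   # 32-bit each, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def build_sid(authority: int, *subs: int) -> bytes:
    """Inverse of parse_sid, used here only to construct sample data."""
    return (bytes([1, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))

def domain_of(sid: str):
    """Domain prefix of an account SID (S-1-5-21-a-b-c-RID), else None."""
    parts = sid.split("-")
    if parts[:4] == ["S", "1", "5", "21"] and len(parts) == 8:
        return "-".join(parts[:7])
    return None

def classify(sid: str, local_domain: str) -> str:
    dom = domain_of(sid)
    if dom is None:
        return "well-known"        # same value in every domain, e.g. Everyone
    return "local-domain" if dom == local_domain else "foreign-domain"

def view_from(local_domain: str, acl: list) -> list:
    """What a server joined to local_domain can make of each ACE trustee."""
    return [(s, classify(s, local_domain)) for s in map(parse_sid, acl)]

# Constructed sample data: two untrusted domains and one ACL on a shared file.
DOMAIN_A = "S-1-5-21-1111111111-2222222222-3333333333"
DOMAIN_B = "S-1-5-21-4000000001-4000000002-4000000003"
EVERYONE = build_sid(1, 0)                                     # S-1-1-0
USER_A = build_sid(5, 21, 1111111111, 2222222222, 3333333333, 1104)
USER_B = build_sid(5, 21, 4000000001, 4000000002, 4000000003, 2210)
ACL = [USER_A, USER_B, EVERYONE]

if __name__ == "__main__":
    for name, dom in (("A", DOMAIN_A), ("B", DOMAIN_B)):
        print(f"view from domain {name}:")
        for sid, kind in view_from(dom, ACL):
            print(f"  {sid:<50} {kind}")
```

Entries reported as `foreign-domain` are the ones a server in the other domain cannot translate to an account name.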
dzjaypee
2 Posts
0
September 5th, 2011 23:00
Urle, Rainer,
Thank you.
I'm going to try and implement a solution based on your suggestions.
To be continued...
Kind regards,
Jan