Start a Conversation

Solved!

Go to Solution

979

March 2nd, 2023 07:00

Powerscale SMB Share management using MMC

Hi Experts

Did anyone try managing Power Scale SMB Shares using MMC ?

PowerScale OneFS 9.4.0.0 Web Administration Guide | Dell US

Here is what I get when connecting to the Isilon IP.  Neither DR or PROD work properly.

KamalArsft_0-1677769275207.png

KamalArsft_1-1677769275220.png

Here is what I see when I connect to a node IP.  It doesn’t show anything besides my mmc connection.

KamalArsft_2-1677769275231.png

 

5 Posts

March 24th, 2023 03:00

@KamalArsftyes, for me it's working.

Indeed, your AD-Account, from what you are using to "administrate" (or a local account or what ever) has to be in "Access->Memberships and Roles->Groups->LOCAL:System->Administrator" there you have to add your "AD-User" or what ever. Per default you are in Access Zone "SYSTEM" so you have to put your Account in there. Once saved that in the AccessZone Administrator group you could login with MMC.

Do you have more Access Zones? add them in the other AZ as well.

For me this is working. But i think there are quite more very important informations, i never see them in all my  Dell documentaion like "Best Practice SMB" and so on.

Like WHERE is the right start to create a SMB-Share? Is it WEBIF or MMC? With which Account so i have to login to WEBIF in order to have the right permission on the smb-share? Actualy i'm using the "default" Admin/root account to login into Isilon and create the smb-share, but than checking via cli there are some faulty permissions. So i have to change it after creating the share via cli and i would say, it has to be in WEBIF or in MMC. It's a workprocess that comes with a break if i only could do this like i described above.

So for now we have the effects, that in an other AZ there is as AuthProvider our AD and one local:system user to connect with, but however by default a colleague if mine is connecting with "Window Explorer", create a Folder with his AD-User account and however, the user-id the folder or the file is a LOCAL:System Account, that even isn't in this Access Zone.

Therefor i wanted to get realy best pratices for smb-shares, that realy help.

Regards Sebastian

Moderator

 • 

8.5K Posts

March 2nd, 2023 13:00

Hi,
Thanks for your question. Are you using an account that has privileges? 
MMC connection requirements 
• You must run the Microsoft Management Console (MMC) from a Windows workstation that is joined to the domain of an Active Directory (AD) provider configured on the cluster.
• You must be a member of the local \Administrators group. Note Role-based access control (RBAC) privileges do not apply to the MMC. A role with SMB privileges is not sufficient to gain access.
• You must log in to a Windows workstation as an Active Directory user that is a member of the local \Administrators group.
https://dell.to/3SKoNrG
Let us know if you have any additional questions.

Moderator

 • 

8.5K Posts

March 3rd, 2023 06:00

What happens if you try to connect with the FQDN instead of the IP? 

March 3rd, 2023 06:00

Thank you. .. I have applied these steps. but it didn't fix the problem. looks dell support also doesn't support this. 

1 Rookie

 • 

567 Posts

March 5th, 2023 14:00

@KamalArsft,

make sure you have a same local user in Isilon that has SystemAdmin role.  

Isilon/PowerScale:

PhilLam_2-1678055273637.png

 

 

Windows MMC:

PhilLam_3-1678055309870.png

 

 



1 Rookie

 • 

567 Posts

March 5th, 2023 14:00

I logged into windows as administrator, so I created a local Isilon/PowerScale administrator account with SystemAdmin role.

March 22nd, 2023 13:00

Thank you, I have tried the same, I have added the local user account to admin and wheel still getting the same error. 

is it working for any one ?

1 Rookie

 • 

567 Posts

March 22nd, 2023 13:00

@KamalArsft SytemAdmin is a role (RBAC) not local group


PhilLam_0-1679516019664.png

 

March 24th, 2023 04:00

Thank you this worked. Especially adding my AD account to the local Admin group of the access zone. 

Thanks again

No Events found!

Top