FXDERVELOY's Posts

FXDERVELOY's Posts

It's Work now.  Connect datamover to Active Directory are simple. Active Directory If you have 2003R2 DC or 2008. no nodifications are necessary. Attributes are already present in the AD ... See more...
It's Work now.  Connect datamover to Active Directory are simple. Active Directory If you have 2003R2 DC or 2008. no nodifications are necessary. Attributes are already present in the AD schema. It's necessary to install IDMU if you need some tools for importing nis map to your domain. If you assume provisionning manually necessary attributes In active Directory, nothing to do. Datamover Configuration You need to configure : ldap.conf in /nasmcd/quota/slot.x/.etc/ldap.conf nsswitch.conf in /nasmcd/quota/slot.x/.etc/nsswitch.conf And  bind Active directory with server_ldap command. Tips For obtain an answer to Ldap directory gidnumber and uidnumber are mandatory for CIFS environnement. Other attributes are optionals unless if you use an mixed CIFS / NFS environnement. All works fine Thanks for help. Best regards François-Xavier DERVELOY
Hi, Thanks rainer for your help. I take contact to french expert. Best regards
It's not so easy. I have 70 celerra on 50 sites. I use quota ( qtree and quota user).  I have 80 000 user on Active Directory. Usermapper works fine but it's not a "very good" solution ! ... See more...
It's not so easy. I have 70 celerra on 50 sites. I use quota ( qtree and quota user).  I have 80 000 user on Active Directory. Usermapper works fine but it's not a "very good" solution ! I would like centralise UID for two principals raesons : - It's not possible for me to manage quota  efficiently. I have  an exploitation Tools for  hotline (Web Interface).  And i can't manage quota with it because  it's impossible to know the mapping SID / UID without to connect on good nas. If uid are centralized, i could launch nas_quota  command with an automatic process.  it's an important cost reduction for me because in could to delegate quota management to hotline ! - It's not easy for desaster recovery process. It's simple to import / export Usermapper when you failover 1 site (1 Nas) from 1 site (1 nas). But it's impossible to failover 2 or more sites to 1 NAS ( with 1 xBlade).   I can't merge usermapper because all usermapper begin at the same number. In my technical context centralized UID  seems a good idea. For this reason i  search to bench this solution. Best regards Francois-Xavier DERVELOY France
HI, I would like  to centralize User mapping in Active Directory.  I use only CIFS protocol and just have one  windows 2008 Domain. I read all documentation about this architecture.I don't un... See more...
HI, I would like  to centralize User mapping in Active Directory.  I use only CIFS protocol and just have one  windows 2008 Domain. I read all documentation about this architecture.I don't understand roles of IDMU installation because for me Active Directory own already Unix Attribut.  Can tou explain roles of IDMU ? I try without configuring IDMU. You find configuration after : ldap.conf # Containers # Replace "dc=mydomain,dc=com" by your base DN. # If you have a dedicated container for netgroups, replace # "cn=netgroup,cn=mydomain,cn=DefaultMigrationContainer30" by the right DN. nss_base_passwd      dc=xxx,dc=xxx,dc=fr?sub nss_base_group       dc=xxx,dc=xxx,dc=fr?sub nss_base_hosts       dc=xxx,dc=xxx,dc=fr?sub #nss_base_netgroup    cn=netgroup,cn=mydomain,cn=DefaultMigrationContainer30,dc=mydomain,dc=com?sub # Objects nss_map_objectclass  posixAccount    User nss_map_objectclass  posixGroup      Group nss_map_objectclass  ipHost          Computer # Attributes nss_map_attribute    userPassword    unixUserPassword nss_map_attribute    homeDirectory   unixHomeDirectory # eof server_ldap server_2 : LDAP domain: xxx.xxx.fr      base DN: dc=xxx,dc=xxx,dc=fr      State: Configured - Connected NIS domain: xxx.xxx.fr Proxy (Bind) DN: CN=cssgdd cssgdd,OU=Comptes,OU=LGD,OU=O-9,OU=R-OUTILS,DC=xxx,DC=xxx,DC=fr      Configuration file - TTL: 1200 seconds      Next configuration update in 362 seconds      DIT schema type: MS LDAP configuration servers:      Server 163.80.83.141 port 389 : Active, disconnected        SSL not enabled, Persona: none specified, Cipher Suite List: none specified Domain naming contexts:      DC=xxx,DC=xxx,DC=fr      CN=Configuration,DC=xxx,DC=xxx,DC=fr      CN=Schema,CN=Configuration,DC=xxx,DC=xxx,DC=fr      DC=DomainDnsZones,DC=xxx,DC=xxx,DC=fr      DC=ForestDnsZones,DC=xxx,DC=xxx,DC=fr Domain supported authentication mechanisms:      GSSAPI      GSS-SPNEGO      EXTERNAL      DIGEST-MD5      Supported LDAP version: 3      Supported LDAP version: 2 Default search base: dc=xxx,dc=xxx,dc=fr Domain default search scope: ONE      passwd base DN:           dc=xxx,dc=xxx,dc=fr - search scope SUB           passwd object class: User           passwd attributes: cn, uid, uidNumber, gidNumber, unixUserPassword, loginShell, gecos, description      group base DN:           dc=xxx,dc=xxx,dc=fr - search scope SUB           group object class: Group           group attributes: cn, gidNumber, unixUserPassword, memberUid, description           memberUid syntax is IA5String (Posix)      hosts base DN:           dc=xxx,dc=xxx,dc=fr - search scope SUB           host object class: Computer           host attributes: cn, ipHostNumber, description      No netgroup base DN When i test connection with active directiry : server_ldap server_2 -lookup -uid 12345 server_2 : Unable to get information for uid 12345 Have you an idea for resolve my problem  ? Thanks for your help Best regards François-Xavier DERVELOY France
Hi, I use a vbscript to automate many thing on the NAS with the XML API I would like manage quota with API. Many XML request  has UID in input and i don't know UID of a user. I know onl... See more...
Hi, I use a vbscript to automate many thing on the NAS with the XML API I would like manage quota with API. Many XML request  has UID in input and i don't know UID of a user. I know only the AD username "Domain\User". Is it possible to find the UID with a XML request with AD username  as filter ? Thanks for your help François-Xavier DERVELOY France