[OmniOS-discuss] CIFS access to a folder with traditional (owner:group:other) Unix permissions

Oliver Weinmann oliver.weinmann at telespazio-vega.de
Tue Jun 27 06:24:49 UTC 2017 

Hi,

we are currently migrating all our data from a NetAPP system to an OmniOS sytem.

The OmniOS system is joined to AD and LDAP client is configured to pull LDAP info from AD / IDMU. This works fine.

However we can't manage to have access on folders where we have Unix permissions from windows (CIFS).

e.g.

the user utest2 is member of the goup "Up BCSIM De_Dt Da Lg":

root at omnios01:/hgst4u60/ReferenceAC/BCSIM/Software# groups utest2
10000 Up BCSIM De_Dt Da Lg

The folder Unix has the following permissions set:

root at omnios01:/hgst4u60/ReferenceAC/BCSIM/Software# ls -al
total 47
d---------+  4 root     2147483653       4 Apr 25 05:37 .
d---------+  4 root     2147483659       4 Apr 25 05:35 ..
drwxrws---   9 bcsim    Up BCSIM De_Dt Da Lg      11 Mar  9 10:40 Unix
d---------+  6 root     2147483653       6 Apr 25 05:37 Windows

so User bcsim and all members of group "Up BCSIM De_Dt Da Lg" can access the folder just fine via NFS.

If the user utest2 tries to access this folder from windows via CIFS he gets access denied.

If I change the permissions so that other have r-x he can access the folder but then I have no control on who can access the folder.

On our NetApp system this was working fine. I assume it has to do with the IDMAP daemon using ephemeral mappings instead of pulling the uidnumber and gidnumber from AD?

I don't want to use extended ACLs on this folder.

Any ideas?



[cid:Logo_Telespazio_180_px_signature_eng_b58fa623-e26d-4116-9230-766adacfe55e1111111111111.png]

Oliver Weinmann
Senior Unix VMWare, Storage Engineer

Telespazio VEGA Deutschland GmbH
Europaplatz 5 - 64293 Darmstadt - Germany
Ph: + 49 (0)6151 8257 744 | Fax: +49 (0)6151 8257 799
oliver.weinmann at telespazio-vega.de<mailto:oliver.weinmann at telespazio-vega.de>
http://www.telespazio-vega.de

Registered office/Sitz: Darmstadt, Register court/Registergericht: Darmstadt, HRB 89231; Managing Director/Gesch?ftsf?hrer: Sigmar Keller
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20170627/b569b449/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Logo_Telespazio_180_px_signature_eng_b58fa623-e26d-4116-9230-766adacfe55e1111111111111.png
Type: image/png
Size: 7535 bytes
Desc: Logo_Telespazio_180_px_signature_eng_b58fa623-e26d-4116-9230-766adacfe55e1111111111111.png
URL: <https://omniosce.org/ml-archive/attachments/20170627/b569b449/attachment-0001.png>

More information about the OmniOS-discuss mailing list