Winbind authentication

regis_carlier
3,880 Views

Hi,

First of all ... DOT 8.1 7-Mode ...

I want to share a volume simultaneously accessed with CIFS and NFS.

The controller belongs to an AD domain for Windows authentication.

The Linux servers authenticate through Winbind to the AD controller ... No NIS, no passwd file, ...

To be able to share and manage users and rights correctly for files for this share, I need a Unix authentication process ...

I need to be able to map a Unix user to a Windows user ...

But I have no NIS, no passwd file, no 'real' LDAP, ...

How can I configure ONTAP to authenticate a Unix user to a Windows AD?

TIA,

REG


mijohnst

Reg,

I'm working through this exact issue right now with NetApp support. I know the answer has to do with how LDAP is configured on the NetApp, but we just haven't gotten it working yet. As soon as we get it configured correctly, I'll come back and post how we did it. If you figured it out already, please give an update.

Mike

kodavali

Hi Regis,

If the Linux servers have already been authenticated by AD, why would you need name-mapping? Once you configure the CIFS server, the AD DC is added as an LDAP server to the Vserver and the LDAP schema configuration is set up automatically.

What is the challenge here, and is there something I am missing here?

- Chowdary.

mijohnst

The issue is that Winbind generates a UID based on a Windows SID from a user and NetApp doesn't know how to translate that. On my NetApp, I can set up an NTFS qtree and give myself permissions and that works great in Windows. I can mount that qtree to a Linux machine via NFS. I turn on "cifs_trace.login" and from the Linux system cd into the mounted qtree directory and receive a permission denied immediately. Looking at the console, it outputs an error that it doesn't know what the UID is.
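
Added example, not part of any post in this thread: a sketch of how a Winbind UID can be derived from a SID, assuming Samba's `idmap_rid` backend (the thread does not say which idmap backend is in use). The domain SID, ID range and RIDs are constructed sample values.

```python
"""Illustration of Samba idmap_rid arithmetic: ID = RID - BASE_RID + LOW_RANGE_ID."""

# Constructed sample values (assumptions, not taken from the thread).
DOMAIN_SID = "S-1-5-21-1111111111-2222222222-3333333333"
LOW_ID, HIGH_ID = 10000, 999999  # as in "idmap config DOM : range = 10000-999999"
BASE_RID = 0                     # idmap_rid default


def split_sid(sid):
    """Split a string SID into (domain SID, RID); raise ValueError if malformed."""
    parts = sid.strip().split("-")
    if len(parts) < 4 or parts[0].upper() != "S" or parts[1] != "1":
        raise ValueError(f"not a revision-1 SID: {sid!r}")
    if not all(p.isdigit() for p in parts[2:]):
        raise ValueError(f"non-numeric SID component: {sid!r}")
    return "-".join(parts[:-1]), int(parts[-1])


def sid_to_uid(sid, domain_sid=DOMAIN_SID, low=LOW_ID, high=HIGH_ID, base_rid=BASE_RID):
    """Return the UID idmap_rid would assign, or None if the SID is unmappable."""
    dom, rid = split_sid(sid)
    if dom.upper() != domain_sid.upper():
        return None  # SID belongs to another domain: this range does not cover it
    uid = rid - base_rid + low
    return uid if low <= uid <= high else None  # outside the range means no mapping


def uid_to_sid(uid, domain_sid=DOMAIN_SID, low=LOW_ID, high=HIGH_ID, base_rid=BASE_RID):
    """Reverse mapping: RID = ID + BASE_RID - LOW_RANGE_ID."""
    if not low <= uid <= high:
        return None
    return f"{domain_sid}-{uid + base_rid - low}"


if __name__ == "__main__":
    for rid in (500, 1105, 990000):  # constructed RIDs
        sid = f"{DOMAIN_SID}-{rid}"
        print(sid, "->", sid_to_uid(sid))
```

The resulting number is meaningful only to hosts that run Winbind with the same range and base RID; a system that receives the bare UID over NFS needs its own source (passwd file, NIS or LDAP) to turn it back into a name.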
