Hello Community,
we have the following situation
Customer environment:
The customer has two AD domains connected via bidirectional trust with selective authentication. I will call them the old and the new domain till end of my mail.
Some of the users are already in the new one and some reside still in the old one.
The users who have been already migrated to the new domain authenticate themselves onto objects in the old domain with their SID history (user in the old domain is still available, but it has been disabled).
Active users in the old domain have been already created in the new domain with status disabled.
// There are users who are in both domains and should also do UNIX, but they are disabled in the new domain, e.g. user AA5052, it still has to be migrated)
// There are users who are in both domains and should also do UNIX, but they are disabled in the old domain, e.g. user AA5215, it has been migrated)
NFSv3, NFSv4 and CIFS are in use.
The AD Server is used as LDAP Server.
Requirements:
The customer must be able to access the same files from UNIX and Windows.
Both users from the old and the new domain must have access.
Tests performed:
CIFS server has been joined to the old domain (security style = NTFS):
+ CIFS access by users from the old and new domains works
+ NFS mount v3 and v4 works
- “ls” gets stuck for users from the new domain
CIFS server has been joined to the new domain (security style = NTFS):
+ NFS and CIFS access works with users form the new domain
- NFS and CIFS access does not work with users from the old domain
Any hint about the both „-“ would be appreciated.
Thanks and Regards
Anastas
PSC NetApp Austria