[gpfsug-discuss] SS 4.2.1 + CES NFS / SMB
Mark.Bush at siriuscom.com
Mark.Bush at siriuscom.com
Mon Nov 14 19:48:04 GMT 2016
I don’t have the exact answer to this issue but I had dealt with something similar before. I’m thinking this may have something to do with NFSv4 needing to be kerberized to work with AD? Again, not really sure on the SpecScale specifics here but worth seeing if you need Kerberos as well to get this to authenticate properly with AD and NFSv4.
From: <gpfsug-discuss-bounces at spectrumscale.org> on behalf of Andy Parker1 <andy_parker1 at uk.ibm.com>
Reply-To: gpfsug main discussion list <gpfsug-discuss at spectrumscale.org>
Date: Friday, November 11, 2016 at 10:20 AM
To: "gpfsug-discuss at spectrumscale.org" <gpfsug-discuss at spectrumscale.org>
Subject: [gpfsug-discuss] SS 4.2.1 + CES NFS / SMB
We have setup a small cluster to test, play & learn about the protocol servers. We have setup mmuserauth for AD + RFC2307 and
we can share and access data via SMB and access is on windows clients with no issues.
The file DAC of a file created via windows looks like this from the SS cesNode:
$ ls -l
total 0
-rwxr--r-- 1 SPECTRUMSCALE\newmanjo SPECTRUMSCALE\ces-admins 33 Nov 10 17:29 helloworld.txt
The NFS protocol is also exported for NFS 3,4 and when mount using NFS version '3' from an AIX 7.1 server I see also
OK DAC names uid / group, so the UID mapping is working. The AIX is linked to the AD for LDAP account services and
I can query accounts and get shell logon for accounts defined within AD for unix services.
# ls -l ( from AIX client NFS V3)
total 0
-rwxr--r-- 1 newmanjo ces-admi 33 10 Nov 17:29 helloworld.txt
Now the Problem:
When I mount the AIX client as NFS4 I do no see the user/group names. I know NFS4 passes names and not UID/GID numbers so I
guess this is linked.
# pwd
/mnt/ibm/hurss/share1
# ls -l ( from AIX client NFS V4)
total 0
-rwxr--r-- 1 nobody nobody 33 10 Nov 17:29 helloworld.txt
On the AIX server I have set NFS domain to virtual1.com
# chnfsdom
Current local domain: virtual1.com
This matches the DOMAIN from the mmnfs config list domain ( not 100% sure this is correct)
[root at hurss4 ~]# mmnfs config list
NFS Ganesha Configuration:
==========================
NFS_PROTOCOLS: 3,4
NFS_PORT: 2049
MNT_PORT: 0
NLM_PORT: 0
RQUOTA_PORT: 0
SHORT_FILE_HANDLE: FALSE
LEASE_LIFETIME: 60
DOMAINNAME: VIRTUAL1.COM
DELEGATIONS: Disabled
Also the 'nfsrgyd' a name translation service for NFS servers and clients is running.
lssrc -s nfsrgyd
Subsystem Group PID Status
nfsrgyd nfs 8585412 active
Summary / Question:
Can anybody explain why I do not see userID / Group names when viewing via a NFS4 client and ideally how to fix this.
Rgds Andy P
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. This message may be viewed by parties at Sirius Computer Solutions other than those named in the message header. This message does not contain an official representation of Sirius Computer Solutions. If you have received this communication in error, notify Sirius Computer Solutions immediately and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.
Sirius Computer Solutions<http://www.siriuscom.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20161114/2a98cdde/attachment.htm>
More information about the gpfsug-discuss
mailing list