[gpfsug-discuss] Active direcotry based ACLs for Samba and Windows GPFS clients
Sarah Walters
sarah.walters at uq.edu.au
Mon Mar 11 03:09:44 GMT 2024
It works just fine at UQ, using an AFM cache. We have NFS-only at the 'home' but we have thousands of filesets coming out of NFS and SMB on our cache. Not, technically, a preferred configuration to have that many of them, but it's possible.
Sarah Walters
BCompSc
Research Computing Systems Engineer
Research Computing Centre
The University of Queensland
Brisbane QLD 4072 Australia
E sarah.walters at uq.edu.au W www.rcc.uq.edu.au
CRICOS code: 00025B
The University of Queensland is embracing the Green Office philosophy. Please consider the environment before printing this email.
This email (including any attached files) is intended solely for the addressee and may contain confidential information of The University of Queensland. If you are not the addressee, you are notified that any transmission, distribution, printing or photocopying of this email is prohibited. If you have received this email in error, please delete and notify me. Unless explicitly stated, the opinions expressed in this email do not represent the official position of The University of Queensland.
________________________________
From: gpfsug-discuss <gpfsug-discuss-bounces at gpfsug.org> on behalf of Jonathan Buzzard <jonathan.buzzard at strath.ac.uk>
Sent: Saturday, 9 March 2024 02:18
To: gpfsug-discuss at gpfsug.org <gpfsug-discuss at gpfsug.org>
Subject: Re: [gpfsug-discuss] Active direcotry based ACLs for Samba and Windows GPFS clients
On 08/03/2024 16:08, Peter Hruška wrote:
> Hello Jonathan,
>
> Thank you for the answer. Since I used Automatic ID-mapping method for
> the mmauth deployment I didn't do anything regarding RFC2307.
> I chose this approach because we don't want to use kerberos for NFS
> authentication (although we will use NFS for separate data access).
> I'll check on that. If you have any hints I would appreciate them.
>
Consistent mapping won't work without RFC2307bis attributes being
populated as far as I am aware. Windows knows nothing about the
idmap_rid, it only knows about SID's
Mixing NFS and Samba out the same file system or at the very least the
same directory hierarchy is a mugs game. There in lies a gigantic pit of
woe for all those foolish enough to try based on personal experience.
JAB.
--
Jonathan A. Buzzard Tel: +44141-5483420
HPC System Administrator, ARCHIE-WeSt.
University of Strathclyde, John Anderson Building, Glasgow. G4 0NG
_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at gpfsug.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss_gpfsug.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20240311/758ac1fd/attachment.htm>
More information about the gpfsug-discuss
mailing list