Using attributes from Windows 2008 R2 as uid / gid for NFS exported file systems
We are evaluating Nexentastor as a replacement for our current file server, and seems to have hit a configuration problem.
All our shares are shared both as CIFS and NFS. In our current (NetApp) system users are defined in both AD and NIS, so that when a file is written through NFS security works with CIFS, and vice versa. We would like to switch to having users defined only in AD, with ACLs.
On our Nexentastor installation we're able to connect to the same share with both CIFS and NFS, but we have so far not managed to configure it so that when a file is written on CIFS the uid shown on the NFS side is the same as the uidNumber set in AD (from the Windows 2008R2 Unix attributes), or have the files written with NFS have the correct SSID on the Windows side.
So far we've tried:
- Using only AD (e.g passwd: files ad in /etc/nsswitch.conf) files created with CIFS shows up as being owned by firstname.lastname@example.org on the nexentastor box, and with an ephemeral uid exported by NFS. (This id is also visible with getent passwd email@example.com, or with idmap show -cv firstname.lastname@example.org)
- With LDAP it doesn't seem to connect properly at all, but this might be a configuration problem on our end.
Using ldapsearch it is easy to verify that the information in AD is correct.
Before we continue working on this, are there anyone who can confirm that they've made this work, either with AD directly or with AD by way of ldap? I guess this migth be a question for presales support as well.
Erik / NR