Yes. But you need to manage your AD users on AD Server. NexentaStor is just a "Computer" object.

Yes, that is what I would be doing.

I have been doing research and I'm finding that Nexenta customers are having widely mixed results in an Active Directory environment regarding user ACLs not working correctly. Something about the way opensolaris does kerberos...? Can anyone shed any light on this?

Christopher Hearn wrote:

Yes, that is what I would be doing.

I have been doing research and I'm finding that Nexenta customers are having widely mixed results in an Active Directory environment regarding user ACLs not working correctly. Something about the way opensolaris does kerberos...? Can anyone shed any light on this?

The kerberos ticketing bugs really have nothing to do with ACL's. If your kerberos tickets are broken on opensolaris you won't even be able to access the SAN via CIFS to do anything ACL related anyway.

Good news is, the outstanding kerberos that I've been struggling with has been fixed in snv_137 for OpenSolaris. I'm hoping Nexenta will have it backported into a minor update soon.

Yes, CIFS updates are coming...

Dmitry Yusupov wrote:

Yes, CIFS updates are coming...

Very promising. Any idea when?

Very promising. Any idea when?

Possibly early next week.

Dmitry Yusupov wrote:

Very promising. Any idea when?

Possibly early next week.

Any word on whether or not 3.0.2 is better with Kerberos in AD?

It is better. Some large patches went into 134e kernel, you can verify it by running "uname -a"

On 05/27/2010 01:09 PM, NexentaStor.org wrote:

http://www.nexentastor.org/boards/2/topics/96 Christopher Hearn

Dmitry Yusupov wrote:

Very promising. Any idea when?

Possibly early next week.

Any word on whether or not 3.0.2 is better with Kerberos in AD?