Sun Microsystems, Inc.  Oracle System Handbook - ISO 7.0 May 2018 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-71-1402596.1
Update Date:2016-02-05
Keywords:
Solution Type  Technical Instruction Sure

Solution  1402596.1 :   Sun Storage 7000 Unified Storage System: Mapping to specific UNIX users fails  

Related Items 
    

  • Sun ZFS Storage 7420
    •  
  • Sun Storage 7110 Unified Storage System
    •  
  • Oracle ZFS Storage ZS3-2
    •  
  • Sun Storage 7210 Unified Storage System
    •  
  • Oracle ZFS Storage ZS4-4
    •  
  • Sun Storage 7410 Unified Storage System
    •  
  • Sun Storage 7310 Unified Storage System
    •  
  • Sun ZFS Storage 7120
    •  
  • Oracle ZFS Storage ZS3-4
    •  
  • Sun ZFS Storage 7320
    •  
  • Oracle ZFS Storage Appliance Racked System ZS4-4
    •  
  • Oracle ZFS Storage ZS3-BA
    •  
Related Categories 
    

  • PLA-Support>Sun Systems>DISK>ZFS Storage>SN-DK: 7xxx NAS
    •  
  • _Old GCS Categories>Sun Microsystems>Storage - Disk>Unified Storage
    •  






In this Document


Goal


Solution


References

Created from <SR 3-3740498461>


Applies to:  

Sun ZFS Storage 7320 - Version All Versions and later
Sun ZFS Storage 7420 - Version All Versions and later
Sun Storage 7310 Unified Storage System - Version All Versions and later
Sun Storage 7110 Unified Storage System - Version All Versions and later
Sun Storage 7210 Unified Storage System - Version All Versions and later
7000 Appliance OS (Fishworks)



Goal


This document explains how to check for and resolve server connection problems that can lead to mapping failures.


To discuss this information further with Oracle experts and industry peers, we encourage you to review, join or start a discussion in the My Oracle Support Community - Disk Storage ZFS Storage Appliance Community


Solution


In order to successfully map a user or group to a non-ephemeral uid/gid, an active connection to both the AD server and the UNIX naming service is required.


Often, the issue is that one of these connections has been lost.


To check the UNIX nameserver, use getent database name at the CLI admin interface.


For example:


nas1:> getent passwd will
 will:x:100:10::/var/ak/home/will:/usr/lib/ak/tools/aksh-wrapper


 


A failure to resolve the name is an indication you need to check the configuration or connection to this server.


To check the connection to the AD server, check the AD configuration:


server-a:> configuration services ad show
 Properties:
 <status> = online
 mode = domain
 domain = nas.local
 server = <none>


In this example, the connection has been lost. If the connection were active, there would be a valid IP address for "server".


 


Individual mappings can also be checked using:


Configuration - Services - Identity Mapping - Mappings


 


Here's an example of the results for a Windows user:


User Properties
 Name <No name available>
 ID 2147483650
 Source Cached mapping
 Backend Ephemeral


... this tells us that the mapping is Ephemeral, so if it was expected to see a mapping to a known UNIX user, this would be confirmation that it's not working, and that once again, the UNIX name server should be checked.


 


Also note the very large UID beginning with 2147. The ZFSSA uses numbers in this range to avoid conflicts with existing NIS or LDAP users, so they are easily identifiable as ephemeral IDs.


 


Back to Document 1428753.1  Sun Storage 7000 Unified Storage System: How to Troubleshoot Identity Mapping and cross-platform file sharing issues.


References
<NOTE:1428753.1> - Sun Storage 7000 Unified Storage System: How to Troubleshoot Identity Mapping and Cross-Platform File Sharing Issues



Attachments

This solution has no attachment


















       

Copyright © 2018 Oracle, Inc.  All rights reserved.

 Feedback