Follow

Verifying AD environment

Subject:

Verify and set AD entries.

 

Detail:

To help verify your AD environment you will want to address the below two items:

1) Ensure that the current hostname on the QuantaStor matches the DNS name and IP address in your DNS server(s).


2) Leave the domain and join the domain again using a geographically closer Active Directory server.

After these changes are made, please use the below to clear and regenerate the ad cache used by the Web Interface for browsing users and groups from the AD server.

qs-util adcacheclearall
qs-util adcachegenall

Please note that you can also use the `qs share-modify` cli command to assign CIFS users and groups to a network share for access.

Detail of "share-modify":
###
root@qs316-dr-target:~# qs help=share-modify

OSNEXUS QuantaStor CLI 3.16.2.9179
Copyright (c) 2009-2015 OSNEXUS Corporation.  All rights reserved.

 COMMAND

    share-modify [shr-modify]
      :: Modifies the properties of the specified network share.
    <--share>        :: Name or ID of a network share.
    [--name]         :: Names may include any alpha-numeric characters '_' and '-', spaces are
                            not allowed.
    [--desc]         :: A description for the object.
    [--active]       :: Indicates that the network share should be activated.
    [--space-quota]  :: Size of the quota for the network share (optional).
    [--sync]         :: Synchronization policy to use for handling writes to the storage pool
                            (standard, always, none).  standard mode is a hybrid of write-through and
                            write-back caching based on the O_SYNC flag, always mode is write-through
                            to ZIL which could be SSD cache, and disabled indicates to always use
                            async writes. [always, disabled, *standard]
    [--compression-type] :: Type of compression to be used. (on | off | lzjb | gzip | gzip-[1-9] |
                            zle | lz4)
    [--copies]       :: Indicates the number of copies of each block should be maintained in the
                            storage pool.  This is a way of getting duplicates for bit-rot protection
                            on a single device.
    [--cifs-enable]  :: Enables Samba support for network share.
    [--user-access-list] :: List of users with permission to access the network share for example
                            'DOMAIN+user1:valid,user2:invalid,user3:none,~user7,~user33', prepend with tilde
                            (~) to remove fields/properties.
    [--group-access-list] :: List of groups with permission to access the network share for example
                            'DOMAIN+group1:valid,~DOMAIN+group2' prepend with tilde (~) to remove
                            access for specific users or groups.
    [--cifs-options] :: CIFS/Samba configuration options specified as
                            'key=value,key2=value2,~key3,...', prepend with tilde (~) to remove
                            fields/properties.
    [--disable-snap-browsing] :: When this is true, ability to browse snapshot directories over CIFS is
                            disabled.
    [--share-owner]  :: Name of the share owner
    [--share-owner-group] :: Name of the share owner group (Need to specify both share owner and
                            group)
    [--permissions]  :: Permissions settings for the share in read/write/execute format for
                            user/group/other in the standard UNIX permissions octal format (eg 755)
                            or rwxr--r--
    [--flags]        :: Optional flags for the operation. [async]

###


For example, you can use the below command to add access to a Network Share named 'testshare1' for a user domain user named 'bob' with valid user access and the domain groups 'domain admins' with admin access and 'domain users' with valid user access.


Please note that you will want to pass in the `--server=` flag for the authentication credentials for a user that has administrative access to the QuantaStor management services.

Example command:
qs share-modify --share=testshare1 --user-access-list='DOMAIN+bob':valid  --group-access-list='DOMAIN+domain admins':admin,'DOMAIN+domain users':valid --server=localhost,admin.PASSWORD

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

Powered by Zendesk