Verify and set AD entries.
To help verify your AD environment you will want to address the below two items:
1) Ensure that the current hostname on the QuantaStor matches the DNS name and IP address in your DNS server(s).
2) Leave the domain and join the domain again using a geographically closer Active Directory server.
After these changes are made, please use the below to clear and regenerate the ad cache used by the Web Interface for browsing users and groups from the AD server.
Please note that you can also use the `qs share-modify` cli command to assign CIFS users and groups to a network share for access.
Detail of "share-modify":
root@qs316-dr-target:~# qs help=share-modify
OSNEXUS QuantaStor CLI 188.8.131.5279
Copyright (c) 2009-2015 OSNEXUS Corporation. All rights reserved.
:: Modifies the properties of the specified network share.
<--share> :: Name or ID of a network share.
[--name] :: Names may include any alpha-numeric characters '_' and '-', spaces are
[--desc] :: A description for the object.
[--active] :: Indicates that the network share should be activated.
[--space-quota] :: Size of the quota for the network share (optional).
[--sync] :: Synchronization policy to use for handling writes to the storage pool
(standard, always, none). standard mode is a hybrid of write-through and
write-back caching based on the O_SYNC flag, always mode is write-through
to ZIL which could be SSD cache, and disabled indicates to always use
async writes. [always, disabled, *standard]
[--compression-type] :: Type of compression to be used. (on | off | lzjb | gzip | gzip-[1-9] |
zle | lz4)
[--copies] :: Indicates the number of copies of each block should be maintained in the
storage pool. This is a way of getting duplicates for bit-rot protection
on a single device.
[--cifs-enable] :: Enables Samba support for network share.
[--user-access-list] :: List of users with permission to access the network share for example
'DOMAIN+user1:valid,user2:invalid,user3:none,~user7,~user33', prepend with tilde
(~) to remove fields/properties.
[--group-access-list] :: List of groups with permission to access the network share for example
'DOMAIN+group1:valid,~DOMAIN+group2' prepend with tilde (~) to remove
access for specific users or groups.
[--cifs-options] :: CIFS/Samba configuration options specified as
'key=value,key2=value2,~key3,...', prepend with tilde (~) to remove
[--disable-snap-browsing] :: When this is true, ability to browse snapshot directories over CIFS is
[--share-owner] :: Name of the share owner
[--share-owner-group] :: Name of the share owner group (Need to specify both share owner and
[--permissions] :: Permissions settings for the share in read/write/execute format for
user/group/other in the standard UNIX permissions octal format (eg 755)
[--flags] :: Optional flags for the operation. [async]
For example, you can use the below command to add access to a Network Share named 'testshare1' for a user domain user named 'bob' with valid user access and the domain groups 'domain admins' with admin access and 'domain users' with valid user access.
Please note that you will want to pass in the `--server=` flag for the authentication credentials for a user that has administrative access to the QuantaStor management services.
qs share-modify --share=testshare1 --user-access-list='DOMAIN+bob':valid --group-access-list='DOMAIN+domain admins':admin,'DOMAIN+domain users':valid --server=localhost,admin.PASSWORD