Sun Storage 7310 Unified Storage System
 
Sun Storage 7410 Unified Storage System
 
Sun ZFS Storage 7120
 
Sun Storage 7110 Unified Storage System
 
Sun ZFS Storage 7320
 
Sun ZFS Storage 7420
 
Sun Storage 7210 Unified Storage System
 

PLA-Support>Sun Systems>DISK>NAS>SN-DK: 7xxx NAS
 
.Old GCS Categories>Sun Microsystems>Storage - Disk>Unified Storage
 

In this Document

Symptoms

Cause

Solution

References

Created from <SR 3-3740498461>

Applies to:

Symptoms

When attempting to access the appliance via SMB (from a Windows client in this case), the user is denied access, unable to view any shares.
This issue will occur when IDMU (Identity Mapping for UNIX) is enabled on the Windows Server, and will only affect those Windows users for whom a UID has been specified in the Domain Users applet.
These messages may be seen in the system log:

However, they may only be in the debug log, /var/ak/logs/debug<.X>, which is only accessible at the shell or in the support bundle.

Cause

The configuration of the UIDs in IDMU creates a requirement that the name be resolved by a UNIX name resolution service.
In this case, there was no name resolution service configured. However, the same problem could occur if the name service was not functioning.

Solution

Almost always, one of the primary purposes of installing IDMU is to replace UNIX naming servers. Therefore the solution is to configure the appliance to use it for this purpose.
The two supported name services on the appliance are NIS and LDAP, The configuration for NIS ,which is considerably easier, will be covered in this document. It is possible to use LDAP, but that is beyond the scope of this document.

Confirm that Services for NIS is configured on the customer Domain Controller. This is normally installed with IDMU, and is available from the same Microsoft source.
See: Microsoft Article: Installing Identity Management for Unix
Note that it's the customer's responsibility to install and configure the Microsoft side of this, including IDMU and services for NIS. The customer may need to be referred to Microsoft Support if they need in-depth assistance with this piece.
Once this has been confirmed, determine the NIS domain name. In Windows Server 2008, this can be found in the Server Manager MMC application, under Roles/Active Directory Domain Services/Microsoft Identity Management for UNIX/Server for NIS.

Example:



Note that Microsoft NIS domain names are frequently not fully qualified, and therefore may not match the Active Directory or DNS Domain names. In the above example, the NIS Domain name is "naslab2k8".

Once the NIS Domain name is known, use that information and the Domain Controller IP address to configure NIS services on the appliance:

• Navigate in the BUI to
  
  Configuration - Services - NIS
• Configure the NIS domain name
• Select the "use listed servers" radio button
• Add the Domain Controller IP address.
• Accept the prompt to enable or restart the NIS service.
• Navigate to Configuration/Services/Identity Mapping
• Click the "Flush" button

With a functioning name service, users with UIDs should now be able to connect to the appliance.

Back to <Document 1428753.1> Sun Storage 7000 Unified Storage System: How to Troubleshoot Identity Mapping and cross-platform file sharing issues.

References

This solution has no attachment