![]() | Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition | ||
|
|
![]() |
||||||||||||||||
Solution Type Problem Resolution Sure Solution 1464691.1 : Sun Storage 7000 Unified Storage System: Changing a share quota generates "Unknown user"-error.
Changing quota on a share with root-ACL's set may give an "Unknown user" in the Browser UI, or "error: invalid property value "undefined" for "com.sun.ak:acl": Unknown or invalid user" in CLI. In this Document
Created from <SR 3-5496486261> Applies to:Sun ZFS Storage 7420 - Version Not Applicable and laterSun Storage 7410 Unified Storage System - Version Not Applicable and later Sun ZFS Storage 7120 - Version Not Applicable and later Sun ZFS Storage 7320 - Version Not Applicable and later Sun Storage 7210 Unified Storage System - Version Not Applicable and later Information in this document applies to any platform. SymptomsWhen trying to change the share quota the browser UI gets the error "Unknown user", and CLI will get the error "error: invalid property value "undefined" for "com.sun.ak:acl": Unknown or invalid user" CauseThe appliance could not properly map the UID for the one named user in the root ACL so it could not be removed from the BUI. Commonly the ACL will contain an entry set from one of the clients for a client local user, and not an AD/NIS/LDAP user. SolutionTo find out the ACL entry causing this you will need to check each named user entry in the root ACL of the share in the idmap cache. The root ACL can be found under Shares -> <affected share> -> Access in the browser UI. Looking at the idmap-cache the named user that could not properly be mapped had a SID that was very much shorter than a proper SID. The SID's for the users in the ACL can bee looked up under Configuration -> Services -> Identity Mapping -> Mappings, where you can lookup each individual user to see if the mapped SID looks strange. For reference an example of a normal SID is: S-1-5-21-3265591825-2404522831-4215850146-46613 If the SID is considerably shorter than the example, it is most likely causing this issue as it is normally a local user in one of the attached clients, thus it cannot be mapped properly by the appliance. Currently the only way to properly remove the invalid ACE is by deleting it from a client system, for windows systems this can take a little while as the ACL will be removed for all directory and file entries in the share. Once the ACE is removed, changing the quota is again possible. Attachments This solution has no attachment |
||||||||||||||||
|