NSS3000 share permissions problems. Domain joined

Unanswered Question
Feb 17th, 2010
User Badges:

Hi,


NSS was added with success to our domain but i can't set-up "Share Access Privileges". Users/Group are displayed on the left column, could be "added" to the right but after "Update" push .. don't appear. Of course, users can't map any volume related to NSS.

We have NSS3000 with 1.16-3 FW version (last from Cisco download section). Tried with different accounts/groups without success, tried to re-join, rename host and any other things...no success...


There are a few lines from log:

Feb 18 00:48:19 99.99.99.99 [apache]: Alter ACLs on /mnt/RAIDA/Storage1/storage1 {SOMEDOMAIN\\username} {}
Feb 18 00:48:19 99.99.99.99 [apache]: Set user SOMEDOMAIN\\username for writing
Feb 18 00:48:19 99.99.99.99 [apache]: /bin/setfacl -m user:'SOMEDOMAIN\username':r-x /mnt/RAIDA/Storage1/storage1
Feb 18 00:48:19 99.99.99.99 [apache]: setfacl: Option -m: Invalid argument near character 6
Feb 18 00:48:19 99.99.99.99 [apache]: Error [2] setting user SOMEDOMAIN\username to writable on /mnt/RAIDA/Storage1/storage1


Thank you,


Edi

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Alejandro Gallego Thu, 02/18/2010 - 06:08
User Badges:
  • Cisco Employee,

From your problem description it appears that your domain NetBIOS name may be different from your domain name. In other words your FQDN  may be something like this:

"somedomain.local"

but your NetBIOS name is this:

"mydomain" instead of "somedomain"


If this is correct it may be extremely difficult to correct this behavior.

Please let us know if you are using server 2003 / 2008 and if you have miltiple DCs what version of MS server is your PDC?


Thank you.

eduard.dorin Thu, 02/18/2010 - 06:27
User Badges:

Problem seems to be solved.

My domain name is like "somedomain.local". After changing "Active Directory Domain" to "somedomain-local" and re-join and ignoring NSS error/warning pop-up and after waiting few minutes, all things goes well.

First time i tried the same things , but i was confused by pop-up messages.


We have 3 local DC with 2000-2003-2008 and other DC's on remote sites. We with a local 2003 PDC.


Thank you.

Actions

This Discussion