Windows users can create files in world-writable Qumulo NFS share but Linux users cant

Question

I have a Windows domain and a domain joined Windows client and a domain joined SSSD Linux client

The Qumulo storage array is serving a share I'm looking at here and contains mostly world writable directories:

drwxrwxrwx 49 guy   guygroup     19064 May  1 13:42 .

Standard Windows domain users without special permissions for this directory for example can make folders and files here. But on Linux they can't.

The linux box when you id USERNAME gives you all the AD groups the user is in so we know that at least is working.

So I thought the Qumulo must be looking at the linux UIDs like 120003 but what it really needs to make changes to these shares is the user's actual AD SID.

sssd.conf contains

ldap_id_mapping = True

but UID is not SID.

Am I looking in the right place? Does anyone have experience with such an issue, especially with Qumulo?

score 1 · Answer 1 · answered Jun 10 '22 at 18:36

1

In order to make directories and files on a world writable NFS share as seen above, the users linux UID needs to be copied into the uid or uidNumber attribute of the user's active directory object.

answered Jun 10 '22 at 18:36

bluesquare

37
1
8

Windows users can create files in world-writable Qumulo NFS share but Linux users cant

1 Answers1