We're serving some NFS shares from a Windows Server 2008 R2 x64 machine, that are accessed by Solaris 5.10 clients. How do we configure authentication so that a certain group have write permission to the shares from Solaris? Thanks for any help! :)
Asked
Active
Viewed 5,231 times
1 Answers
2
We're serving some NFS shares from a Windows Server 2008 R2 x64 machine,
There's your problem right there.
All kidding aside, setting up proper authentication isn't too bad with Services for NFS on Windows. Here's a guide from microsoft with all the relevant details: http://technet.microsoft.com/en-us/library/dd758767%28WS.10%29.aspx
Hyppy
- 15,458
- 1
- 37
- 59
-
Having experimented a bit, it doesn't seem like giving RW access to my netgroup makes any difference though? So long as all machines were given RW access, I could write to the mounted share if and only if I had Unix-level write access on the client. When I tried taking away write access from all machines on the server, I couldn't write even if my netgroup had write access. Could you provide some instructions on how to mount a Windows NFS share correctly from a Solaris client? – aknuds1 Mar 21 '11 at 17:01
-
I'm not following what you're asking. When you mount an NFS share, you're going to be passing your current user information, which should be mapped to a username on the Windows server. Information about advanced mapping on Windows is here: http://go.microsoft.com/fwlink/?LinkId=127917 – Hyppy Mar 21 '11 at 17:12
-
Thanks for the user name mapping info. Part of the problem, though, is that we can't see any way to specify whom to mount as on Solaris. Are you sure user name mapping, as described in that article, is still available in 2008 R2 though? I suspect it's been removed. – aknuds1 Mar 21 '11 at 17:26
-
It appears I should actually use Active Directory user lookup, in order to map the Unix user who's mounted a share to an AD account. – aknuds1 Mar 21 '11 at 17:43
-
I'm 99% sure that the user that is accessing the data is what the permissions are based on. The link that I provided is what is linked off the answer's Technet article, which applies to 2008 R2. It should still be applicable. I apologize though, the comment link was for simple mapping. A more complete guide is here: http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5f4c294c-8692-4235-8236-8ea809ae71f7 – Hyppy Mar 21 '11 at 17:43
-
Thanks. Do you know how to specify user to mount as in /etc/vfstab on Solaris 5.10, though? – aknuds1 Mar 21 '11 at 18:03
-
It's not set in the vfstab. That just creates the mount, but the effective user permissions depend on the logged in user interacting with the mounted file system. There's a more in-depth guide about Solaris 10 NFS usage here: http://www.scribd.com/doc/3469690/Solaris-10-NFS – Hyppy Mar 21 '11 at 18:13
-
So given that there's a Unix group "build"; how can "build" members get write permission to a mounted Windows NFS share? Will "build" have write permission on the Unix client if mapped (via AD lookup) to a group on the server with write permission? – aknuds1 Mar 21 '11 at 18:19