[gpfsug-discuss] CES and mmuserauth command
Jan-Frode Myklebust
janfrode at tanso.net
Fri Aug 26 10:59:34 BST 2016
On Fri, Aug 26, 2016 at 1:49 AM, Christof Schmitt <
christof.schmitt at us.ibm.com> wrote:
>
> When joinging the AD domain, --user-name, --password and --server are only
> used to initially identify and logon to the AD and to create the machine
> account for the cluster. Once that is done, that information is no longer
> used, and e.g. the account from --user-name could be deleted, the password
> changed or the specified DC could be removed from the domain (as long as
> other DCs are remaining).
>
>
That was my initial understanding of the --user-name, but when reading the
man-page I get the impression that it's also used to do connect to AD to do
user and group lookups:
------------------------------------------------------------------------------------------------------
‐‐user‐name userName
Specifies the user name to be used to perform operations
against the authentication server. The specified user
name must have sufficient permissions to read user and
group attributes from the authentication server.
-------------------------------------------------------------------------------------------------------
Also it's strange that "mmuserauth service list" would list the USER_NAME
if it was only somthing that was used at configuration time..?
-jf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20160826/7e01e313/attachment-0002.htm>
More information about the gpfsug-discuss
mailing list