[gpfsug-discuss] Active Directory Authentification

Sun May 19 20:30:06 BST 2019

Hi,

I'm planning to integrate Active Directory with our Spectrum Scale, but it
seems i'm missing out something, please note that i'm on a 2 protocol nodes
with only service SMB running Spectrum Scale 5.0.3.0 (latest version). I've
tried from the gui the two ways, connect to Active Directory, and the other
to LDAP.

*Connect to LDAP : *
mmuserauth service create --data-access-method 'file' --type 'LDAP'
--servers 'powermdomain.powerm.ma:389' --user-name
'cn=walid,cn=users,dc=powerm,dc=ma' --pwd-file 'auth_pass.txt'
--netbios-name 'scaleces' --base-dn 'cn=users,dc=powerm,dc=ma'
7:26 PM
Either failed to create a samba domain entry on LDAP server if not present
or could not read the already existing samba domain entry from the LDAP
server
7:26 PM
Detailed message:smbldap_search_domain_info: Adding domain info for
SCALECES failed with NT_STATUS_UNSUCCESSFUL
7:26 PM
pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the
domain. We cannot work reliably without it.
7:26 PM
pdb backend ldapsam:"ldap://powermdomain.powerm.ma:389" did not correctly
init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
7:26 PM
WARNING: Could not open passdb
7:26 PM
File authentication configuration failed.
7:26 PM
mmuserauth service create: Command failed. Examine previous error messages
to determine cause.
7:26 PM
Operation Failed
7:26 PM
Error: Either failed to create a samba domain entry on LDAP server if not
present or could not read the already existing samba domain entry from the
LDAP server
Detailed message:smbldap_search_domain_info: Adding domain info for
SCALECES failed with NT_STATUS_UNSUCCESSFUL
pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the
domain. We cannot work reliably without it.
pdb backend ldapsam:"ldap://powermdomain.powerm.ma:389" did not correctly
init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO)
WARNING: Could not open passdb
File authentication configuration failed.
mmuserauth service create: Command failed. Examine previous error messages
to determine cause.

*Connect to Active Directory : *
mmuserauth service create --data-access-method 'file' --type 'AD' --servers
'192.168.56.5' --user-name 'walid' --pwd-file 'auth_pass.txt'
--netbios-name 'scaleces' --idmap-role 'MASTER' --ldapmap-domains 'powerm.ma
(type=stand-alone:ldap_srv=192.168.56.5:
range=-9000000000000000-4294967296:usr_dn=cn=users,dc=powerm,dc=ma:grp_dn=cn=users,dc=powerm,dc=ma:bind_dn=cn=walid,cn=users,dc=powerm,dc=ma:bind_dn_pwd=P at ssword
)'
7:29 PM
mmuserauth service create: Invalid parameter passed for --ldapmap-domain
7:29 PM
mmuserauth service create: Command failed. Examine previous error messages
to determine cause.
7:29 PM
Operation Failed
7:29 PM
Error: mmuserauth service create: Invalid parameter passed for
--ldapmap-domain
mmuserauth service create: Command failed. Examine previous error messages
to determine cause.
-- 
Best regards,

Walid Largou
Senior IT Specialist
Power Maroc
Mobile : +212 62 <+212%20661%2015%2021%2055>1 31 98 71
Email: l.walid at powerm.ma <y.largou at powerm.ma>
320 Bd Zertouni 6th Floor, Casablanca, Morocco
https://www.powerm.ma

This message is confidential .Its contents do not constitute a commitment
by Power Maroc S.A.R.L except where provided for in a written agreement
between you and Power Maroc S.A.R.L. Any authorized disclosure, use or
dissemination, either whole or partial, is prohibited. If you are not the
intended recipient of the message, please notify the sender immediately.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20190519/8227adec/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PastedGraphic-2.png
Type: image/png
Size: 10214 bytes
Desc: not available
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20190519/8227adec/attachment-0001.png>