Freenas not picking up AD domain user names

Status
Not open for further replies.

mikesm

Dabbler
Joined
Mar 20, 2013
Messages
36
Hi. I originally posted this in the sharing forum before I realized it was really a user authentication issue.

I am running Freenas 11.1-U6, upgraded from Freenas 9 about 3 months ago and working well. I took the system down last week to reconfigure the locations of some disks in the machine to prepare to add a new volume later. The system came back up fine, but NFS sharing is not working.

I have 2 volumes that are shared via CIFS and user identities mapped in an Active Directory domain. This all works fine and wbinfo -u , wbinfo -g, etc... shows all the AD users and groups, and the windows systems can access the volumes just fine.

I have a linux machine that accesses these same volumes via NFS, and I use mapall in the NFS sharing menu to set all the accesses to a windows domain user owner and group. The linux server runs a DVR, and I want to map all the recordings to common windows user so they can be accessed by a variety of systems via CIFS. However, after the reboot, the NFS share on the linux system isn't writeable. When I looked at the NFS share, I can't save the share with the parameters that worked before, because mapall can't select any of the windows domain users, only the users registered on the freenas server. None of the windows domain users show up in any permissions menu options on the system.

This used to work just fine, and it worked after my cutover to Freenas 11.1-U5. But after my reboot last week, it won't save the NFS share configuration with the same settings it was running before the reboot.

I just upgraded to U6, but that didn't fix the problem.

Does anyone know what the issue could be?

Here is my parms file in case that's useful (edited a bit for privacy):

# Global parameters
[global]
dos charset = CP437
multicast dns register = No
realm = XXX.NET
server string = FreeNAS Server
workgroup = YYY
domain master = No
lm announce = Yes
local master = No
preferred master = No
nsupdate command = /usr/local/bin/samba-nsupdate -g
client ldap sasl wrapping = plain
logging = syslog:1
max log size = 51200
kernel change notify = No
panic action = /usr/local/libexec/samba/samba-backtrace
disable spoolss = Yes
load printers = No
printcap name = /dev/null
map to guest = Bad User
obey pam restrictions = Yes
security = ADS
server role = member server
deadtime = 15
max open files = 1885304
template shell = /bin/sh
winbind cache time = 7200
winbind enum groups = Yes
winbind enum users = Yes
winbind offline logon = Yes
winbind refresh tickets = Yes
dns proxy = No
idmap config YYY: schema mode = rfc2307
idmap config YYY: range = 10000-90000000
idmap config YYY: backend = ad
idmap config *: range = 90000001-100000000
idmap config * : backend = tdb
store dos attributes = Yes
strict locking = No
directory name cache size = 0
dos filemode = Yes
acl allow execute always = Yes
ea support = Yes
create mask = 0666
directory mask = 0777


[MP3 Library]
path = "/mnt/Media/Files/MP3 Library"
veto files = /.snapshot/.windows/.mac/.zfs/
guest ok = Yes
read only = No
vfs objects = zfs_space zfsacl streams_xattr
zfsacl:acesort = dontcare
nfs4:chown = true
nfs4:acedup = merge
nfs4:mode = special


[Media]
path = "/mnt/Media"
veto files = /.snapshot/.windows/.mac/.zfs/
read only = No
vfs objects = zfs_space zfsacl
zfsacl:acesort = dontcare
nfs4:chown = true
nfs4:acedup = merge
nfs4:mode = special


[Media2]
path = "/mnt/Media22"
veto files = /.snapshot/.windows/.mac/.zfs/
read only = No
vfs objects = zfs_space zfsacl
zfsacl:acesort = dontcare
nfs4:chown = true
nfs4:acedup = merge
nfs4:mode = special

thanks!
Mike
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
Sounds like possibly an issue with cachetool (which basically makes your AD users/groups visible in the UI). Can you try just filling in the AD user into the mapall field i.e. YYY\bob.
 

mikesm

Dabbler
Joined
Mar 20, 2013
Messages
36
> Sounds like possibly an issue with cachetool (which basically makes your AD users/groups visible in the UI). Can you try just filling in the AD user into the mapall field i.e. YYY\bob.

Thanks for the reply!

The field is populated already with the correct info as it has the settings from when it worked before.

When I edit it manually and then try and save, I get the same config error. The fields stay populated, and the system has the correct info in red flagged as the error.

I wasn't trying to use the pull down menu to input the info as the user and group was there already.

Thx
Mike
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
> Thanks for the reply!
>
> The field is populated already with the correct info as it has the settings from when it worked before.
>
> When I edit it manually and then try and save, I get the same config error. The fields stay populated, and the system has the correct info in red flagged as the error.
>
> I wasn't trying to use the pull down menu to input the info as the user and group was there already.
>
> Thx
> Mike

If it's appropriate for your environment, try checking the box "Use Default Domain" under directory services -> Active Directory and then using "bob" in the mapall instead of "YYY\bob". If you don't mind, PM me a debug file.
 

mikesm

Dabbler
Joined
Mar 20, 2013
Messages
36
> If it's appropriate for your environment, try checking the box "Use Default Domain" under directory services -> Active Directory and then using "bob" in the mapall instead of "YYY\bob". If you don't mind, PM me a debug file.

Thanks for the response. No go when using default domain. It still complains about the user I picked.

Which debug file are you looking for? Happy to PM you.

Thx
Mike
 

mikesm

Dabbler
Joined
Mar 20, 2013
Messages
36
Now this is interesting, when I try that, it gives me the green box on the top with "an error occurred".

What could be causing that?

thx
mike
 

mikesm

Dabbler
Joined
Mar 20, 2013
Messages
36
NM, had to refresh the browser. Will upload and PM you when complete.

thx
mike
 

mikesm

Dabbler
Joined
Mar 20, 2013
Messages
36
Well, I figured this out. I had the idmap backend set to ad. I found some prior articles about this being an issue (don't know why), but was surprised to see rid as the default, which I don't ever recall changing. Anyways, changing it to rid and restarting directory seems to have fixed the problem.

Thanks!
Mike
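As an added example (not code from the thread or from FreeNAS), a small Python audit of the `idmap config` lines in a smb4.conf [global] section like the one posted above. It parses each entry per domain, checks that the domain range and the default `*` range do not overlap, and flags the `ad` backend, which only maps accounts that carry RFC 2307 uidNumber/gidNumber attributes in AD, so accounts without them never show up through winbind. The configuration string is constructed from the poster's idmap lines; YYY is the poster's placeholder domain.

```python
import re
from typing import Dict, List, Tuple

# Constructed [global] fragment modelled on the idmap lines in the post above.
SMB_CONF = """\
[global]
security = ADS
idmap config YYY: schema mode = rfc2307
idmap config YYY: range = 10000-90000000
idmap config YYY: backend = ad
idmap config *: range = 90000001-100000000
idmap config * : backend = tdb
"""

# Matches "idmap config <domain> : <key> = <value>" (spaces around ':' optional).
IDMAP_RE = re.compile(r"^\s*idmap config\s+(\S+)\s*:\s*([\w ]+?)\s*=\s*(.+?)\s*$")

def parse_idmap(conf: str) -> Dict[str, Dict[str, str]]:
    """Collect idmap settings keyed by domain name ('*' is the default domain)."""
    domains: Dict[str, Dict[str, str]] = {}
    for line in conf.splitlines():
        m = IDMAP_RE.match(line)
        if m:
            domain, key, value = m.groups()
            domains.setdefault(domain, {})[key] = value
    return domains

def parse_range(spec: str) -> Tuple[int, int]:
    """Turn 'low-high' into a (low, high) tuple, rejecting empty ranges."""
    lo, hi = (int(x) for x in spec.split("-"))
    if lo >= hi:
        raise ValueError(f"bad idmap range {spec!r}")
    return lo, hi

def audit_idmap(conf: str) -> List[str]:
    """Return findings for the common idmap misconfigurations; empty list means clean."""
    findings: List[str] = []
    ranges: Dict[str, Tuple[int, int]] = {}
    for dom, cfg in parse_idmap(conf).items():
        if "backend" not in cfg:
            findings.append(f"{dom}: no backend configured")
        if "range" in cfg:
            ranges[dom] = parse_range(cfg["range"])
        else:
            findings.append(f"{dom}: no range configured")
        if cfg.get("backend") == "ad":  # needs uidNumber/gidNumber populated in AD
            findings.append(f"{dom}: backend 'ad' only maps accounts with RFC 2307 "
                            "uidNumber/gidNumber; use 'rid' if AD is not populated")
    doms = list(ranges)
    for i, a in enumerate(doms):
        for b in doms[i + 1:]:
            (alo, ahi), (blo, bhi) = ranges[a], ranges[b]
            if alo <= bhi and blo <= ahi:
                findings.append(f"ranges for {a} and {b} overlap")
    return findings
```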
 