- Notes, cautions, and warnings
- Additional Resources
- Overview
- Deep dive: File system security and access in a multiprotocol environment
- Configure a NAS server for multiprotocol file sharing
- Configuring NAS servers for multiprotocol file sharing
- Create a NAS server for multiprotocol file sharing (SMB and NFS)
- Configure a NAS server UNIX Directory Service
- Upload or view an LDAPS CA certificate for a NAS server
- Change NAS server UNIX credential settings
- Configuring user mappings for multiprotocol NAS servers
- Change NAS server user mappings
- Configure a file system for multiprotocol file sharing
- Configure shares
- Enable multiprotocol file sharing on an existing NAS server
- Configure distributed file system and widelinks
- Troubleshooting a multiprotocol configuration
Dell PowerStore Configuring Multiprotocol File Sharing
SID to UID and primary GID mapping
The following sequence is the process that is used to resolve an SID to a UID, primary GID mapping:
- secmap is searched for the SID. If the SID is found, the UID and primary GID mappings are resolved.
- If the SID is not found in secmap, the Windows username that is related to the SID must be found.
- The local group database (LGDB) is searched for the SID to determine if the user is local. If the SID is found, the related Windows name is SMB_SERVER\USER. Since it is a local user for SMB-only access, no UNIX mapping is required.
- If the SID is not found in the LGDB, the DC of the domain is searched. If the SID is found in the domain, the related Windows name is DOMAIN\USER.
- If the SID cannot be resolved, access is denied. The failed mapping is added to the persistent secmap database.
- If the default UNIX account is not used, the Windows name is translated to the UNIX name using ntxmap.
- If the Windows name is found in ntxmap, the entry is used as the UNIX name.
- If the Windows name is not found in ntxmap, or if ntxmap is disabled, the Windows name is used as the UNIX name.
- The local files or UDS is searched using the UNIX name to find the UID and primary GID.
- If the UNIX username is found, the UID and primary GID mapping is resolved. The successful mapping is added to the persistent secmap database.
- If the UNIX username is not found, but the automatic mapping for unmapped Windows accounts feature is enabled, the UID is automatically assigned. The successful mapping is added to the persistent secmap database.
- If the UNIX username is not found, but a default UNIX account, the UID and primary GID mapping are mapped to that of the default UNIX account. The failed mapping is added to the persistent secmap database.
- If the UNIX username cannot be resolved, access is denied. The failed mapping is added to the persistent secmap database.
If the mapping is found, it is added in the persistent secmap database. If the mapping is not found, the failed mapping is added to the persistent secmap database.
The following diagram illustrates the process that is used to resolve an SID to a UID, primary GID mapping:
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\