How to enable authenticated access to Windows NFS shares from Solaris 5.10?
5,168
We're serving some NFS shares from a Windows Server 2008 R2 x64 machine,
There's your problem right there.
All kidding aside, setting up proper authentication isn't too bad with Services for NFS on Windows. Here's a guide from microsoft with all the relevant details: http://technet.microsoft.com/en-us/library/dd758767%28WS.10%29.aspx
Related videos on Youtube
Author by
alekz
Pragmatic Go/Rust/JavaScript ++ software engineer Homepage GitLab LinkedIn profile
Updated on September 17, 2022Comments
-
alekz almost 2 years
We're serving some NFS shares from a Windows Server 2008 R2 x64 machine, that are accessed by Solaris 5.10 clients. How do we configure authentication so that a certain group have write permission to the shares from Solaris? Thanks for any help! :)
-
alekz over 13 yearsHaving experimented a bit, it doesn't seem like giving RW access to my netgroup makes any difference though? So long as all machines were given RW access, I could write to the mounted share if and only if I had Unix-level write access on the client. When I tried taking away write access from all machines on the server, I couldn't write even if my netgroup had write access. Could you provide some instructions on how to mount a Windows NFS share correctly from a Solaris client?
-
Hyppy over 13 yearsI'm not following what you're asking. When you mount an NFS share, you're going to be passing your current user information, which should be mapped to a username on the Windows server. Information about advanced mapping on Windows is here: go.microsoft.com/fwlink/?LinkId=127917
-
alekz over 13 yearsThanks for the user name mapping info. Part of the problem, though, is that we can't see any way to specify whom to mount as on Solaris. Are you sure user name mapping, as described in that article, is still available in 2008 R2 though? I suspect it's been removed.
-
alekz over 13 yearsIt appears I should actually use Active Directory user lookup, in order to map the Unix user who's mounted a share to an AD account.
-
Hyppy over 13 yearsI'm 99% sure that the user that is accessing the data is what the permissions are based on. The link that I provided is what is linked off the answer's Technet article, which applies to 2008 R2. It should still be applicable. I apologize though, the comment link was for simple mapping. A more complete guide is here: microsoft.com/downloads/en/…
-
alekz over 13 yearsThanks. Do you know how to specify user to mount as in /etc/vfstab on Solaris 5.10, though?
-
Hyppy over 13 yearsIt's not set in the vfstab. That just creates the mount, but the effective user permissions depend on the logged in user interacting with the mounted file system. There's a more in-depth guide about Solaris 10 NFS usage here: scribd.com/doc/3469690/Solaris-10-NFS
-
alekz over 13 yearsSo given that there's a Unix group "build"; how can "build" members get write permission to a mounted Windows NFS share? Will "build" have write permission on the Unix client if mapped (via AD lookup) to a group on the server with write permission?