Active Directory Configuration

From OSNEXUS Online Documentation Site
Jump to: navigation, search

QuantaStor integrates with Microsoft Active Directory (AD) for the purposes of assigning access to Network Shares to AD users and groups. Being Linux based QuantaStor uses a service called winbind to map AD users to local Linux users and groups. This process involves mapping the Windows user IDs (SIDs) to Unix user IDs and groups (UID/GIDs) and QuantaStor provides a few options for ID mapping.

Navigation: Storage Management --> Network Shares --> Active Directory --> Join AD Domain (toolbar)

ID Mapping

Access Microsoft Active Directory for the purposes of assigning access to Network Shares to AD users and groups.
  • Relative ID (RID)

RID mode is the recommended configuration for most systems as it provides a generated relative ID for each user that will generally be the same across all appliances that you deploy.

  • Trivial DB (TBD)

TDB is a basic mode which allocates an ID for each user starting with 600 and going up from there. (note: edit the /etc/smb.conf file to adjust the starting offset). TDB is not recommended for configurations with more than one QuantaStor appliance as there's a high probability that the UIDs for a given AD user will be different on each appliance and this will cause problems especially when using scale-out Gluster Volumes.

  • Active Directory managed Unix UID/GIDs (AD)

This is the ideal mode as all your users's UIDs and GIDs are centrally managed by your AD server. This mode does require additional configuration steps on your Windows 2008 or newer AD server.

  • Auto Relative ID (autorid)

Similar to the RID mode but has the advantage of generating relative IDs for different users across multiple domains without additional ID range selection configuration steps.


Return to the QuantaStor Web Admin Guide