I am using latest SmartOS release and created a smartos zone and configured it to use the kernel based cifs server. I am able to connect to the server and write to it but am unable to make any permissions changes on the share, folder, or files. I joined the zone to Active Directory and that part is working. I am a Domain Admin on our University network so that shouldn't be a problem. I even see the zone as a machine account in my managed OU. Is there anything I might be missing in the config below. (I have anonymized the config below)
Code:
SunOS isos 5.11 joyent_20160707T032945Z i86pc i386 i86pc Solaris
Not Global Zone
Configuring SMB in SmartOS - SmartOS Documentation - SmartOS Wiki
Joining SmartOS to an Active Directory domain - SmartOS Documentation - SmartOS Wiki
[root@isos /]# getent passwd domainuser@host.tld.edu
domainuser@host.tld.edu:x:0:2147483650:lastname, firstname::
[root@isos /isos]# sharemgr show -vp
default nfs=()
smb smb=()
isos=/isos "ISO Repo"
zfs
[root@isos /isos]# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: host/isos.host.tld.edu@HOST.TLD.EDU
Valid starting Expires Service principal
07/14/16 18:31:54 07/15/16 04:31:54 krbtgt/HOST.TLD.EDU@HOST.TLD.EDU
07/14/16 18:31:55 07/15/16 04:31:54 ldap/dc06.host.tld.edu@
07/14/16 18:31:55 07/15/16 04:31:54 ldap/dc06.host.tld.edu@HOST.TLD.EDU
07/14/16 19:04:30 07/15/16 04:31:54 ldap/dc03.host.tld.edu@
07/14/16 19:04:30 07/15/16 04:31:54 ldap/dc03.host.tld.edu@HOST.TLD.EDU
07/14/16 19:20:49 07/15/16 04:31:54 ldap/dc05.host.tld.edu@
07/14/16 19:20:49 07/15/16 04:31:54 ldap/dc05.host.tld.edu@HOST.TLD.EDU
07/14/16 19:53:44 07/15/16 04:31:54 ldap/dc01.host.tld.edu@
07/14/16 19:53:44 07/15/16 04:31:54 ldap/dc01.host.tld.edu@HOST.TLD.EDU
[root@isos /]# /usr/bin/ls -dV isos
drwxrwxrwx 6 admin staff 6 Jul 14 18:15 isos
owner@:rwxp-DaARWcCos:-------:allow
group@:rwxp-Da-R-c--s:-------:allow
everyone@:rwxp-Da-R-c--s:-------:allow
[root@isos /]# smbadm show -m
administrators (Members can fully administer the computer/domain)
SID: S-1-5-32-544
Members:
DomainAdmin@HOST.TLD.EDU
Domain_Group@HOST.TLD.EDU
CAMPUS\admin
backup operators (Members can bypass file security to back up files)
SID: S-1-5-32-551
No members
power users (Members can share directories)
SID: S-1-5-32-547
Members:
DomainUsers@HOST.TLD.EDU
[root@isos /]# idmap list
add winuser:DomainAdmin@host.tld.edu unixuser:root
add "wingroup:Domain_Group@host.tld.edu" unixgroup:root
Last edited: