Hi all,
We're starting to roll out a new ClearCase instance here, and we're taking advantage of the support between Rational and Network Appliance to put all the data onto our F760 running 6.3.1 with both NFS and CIFS licenses. The VOB and View servers just run the lock managers and other processes. The clients (NT and Linux) just access the storage directly from the NetApp after getting the info they need from the VOB/View servers.
We've setup a seperate volume for ClearCase (CC) VOBs and VIEWs with mixed security settings. The problem is that running as root on one of the ClearCase servers, we cannot remove a file that was created by a user running on a PC with CC client software.
Our infrastructure is pretty simple, with just one NIS domain and one NT domain to work with. But because our corporate IT group won't give us a short group name in the Win2K domain, we're forced to use the unix username of 'mss-vobadm' with an NT username of NA05\sa106068ccalbd. We've got a usermap.cfg as shown below.
Does anyone have any hints on how we can fix this up, or track down the proper setup for this environment?
NA05\sa106068ccalbd => mss-vobadm NA05\sa106068ccalbd <= root
And we've tried to use the following cifs options:
> options cifs cifs.audit.enable off cifs.audit.file_access_events.enable on cifs.audit.logon_events.enable on cifs.audit.logsize 524288 cifs.audit.saveas /etc/log/adtlog.evt cifs.bypass_traverse_checking on cifs.comment cifs.guest_account cifs.home_dir cifs.home_dir_namestyle cifs.idle_timeout 1800 cifs.max_mpx 50 cifs.netbios_aliases cifs.netbios_over_tcp.enable on cifs.nfs_root_ignore_acl on cifs.oplocks.enable on cifs.oplocks.opendelta 8 cifs.per_client_stats.enable off cifs.perm_check_ro_del_ok on cifs.perm_check_use_gid on cifs.restrict_anonymous.enable off cifs.save_case on cifs.scopeid cifs.search_domains cifs.show_snapshot off cifs.shutdown_msg_level 2 cifs.sidcache.enable on cifs.sidcache.lifetime 1440 cifs.snapshot_file_folding.enable off cifs.symlinks.cycleguard on cifs.symlinks.enable on cifs.trace_login off cifs.wins_servers X,Y,Z
Along with the following for share security:
tswtoast> cifs shares Name Mount Point Description ---- ----------- ----------- vobstg /vol/ccvol/vobstg everyone / Full Control mss-ccase{g} / Full Control mss-eng{g} / Full Control NA05\sa106068ccalbd / Full Control viewstg /vol/ccvol/viewstg everyone / Full Control mss-eng{g} / Full Control NA05\sa106068ccalbd / Full Control clearcase /vol/vol0/clearcase everyone / Full Control
Any hints or help would be appreciated.
Thanks, John John Stoffel - Senior Unix Systems Administrator - Lucent Technologies stoffel@lucent.com - http://www.lucent.com - 978-399-0479