Adding a user or group to a CIFS audit share
Suggest changes
PDFs
You can add a user or group to a CIFS audit share that is integrated with AD authentication.
-
You must have the
Passwords.txtfile with the root/admin account password (available in the SAID package). -
You must have the
Configuration.txtfile (available in the SAID package).
The following procedure is for an audit share integrated with AD authentication.
|
Audit export through CIFS/Samba has been deprecated and will be removed in a future StorageGRID release. |
-
Log in to the primary Admin Node:
-
Enter the following command:
ssh admin@primary_Admin_Node_IP -
Enter the password listed in the
Passwords.txtfile. -
Enter the following command to switch to root:
su - -
Enter the password listed in the
Passwords.txtfile.When you are logged in as root, the prompt changes from
$to#.
-
-
Confirm that all services have a state of Running or Verified. Enter:
storagegrid-statusIf all services are not Running or Verified, resolve issues before continuing.
-
Return to the command line, press Ctrl+C.
-
Start the CIFS configuration utility:
config_cifs.rb--------------------------------------------------------------------- | Shares | Authentication | Config | --------------------------------------------------------------------- | add-audit-share | set-authentication | validate-config | | enable-disable-share | set-netbios-name | help | | add-user-to-share | join-domain | exit | | remove-user-from-share | add-password-server | | | modify-group | remove-password-server | | | | add-wins-server | | | | remove-wins-server | | ---------------------------------------------------------------------
-
Start adding a user or group:
add-user-to-shareA numbered list of audit shares that have been configured is displayed.
-
When prompted, enter the number for the audit share (audit-export):
audit_share_numberYou are asked if you would like to give a user or a group access to this audit share.
-
When prompted, add a user or group:
userorgroup -
When prompted for the user or group name for this AD audit share, enter the name.
The user or group is added as read-only for the audit share both in the server's operating system and in the CIFS service. The Samba configuration is reloaded to enable the user or group to access the audit client share.
-
When prompted, press Enter.
The CIFS configuration utility is displayed.
-
Repeat these steps for each user or group that has access to the audit share.
-
Optionally, verify your configuration:
validate-configThe services are checked and displayed. You can safely ignore the following messages:
-
Can't find include file /etc/samba/includes/cifs-interfaces.inc
-
Can't find include file /etc/samba/includes/cifs-filesystem.inc
-
Can't find include file /etc/samba/includes/cifs-custom-config.inc
-
Can't find include file /etc/samba/includes/cifs-shares.inc
-
When prompted, press Enter to display the audit client configuration.
-
When prompted, press Enter.
-
-
-
Close the CIFS configuration utility:
exit -
Determine if you need to enable additional audit shares, as follows:
-
If the StorageGRID deployment is a single site, go to the next step.
-
If the StorageGRID deployment includes Admin Nodes at other sites, enable these audit shares as required:
-
Remotely log in to a site's Admin Node:
-
Enter the following command:
ssh admin@grid_node_IP -
Enter the password listed in the
Passwords.txtfile. -
Enter the following command to switch to root:
su - -
Enter the password listed in the
Passwords.txtfile.
-
-
Repeat these steps to configure the audit shares for each Admin Node.
-
Close the remote secure shell login to the remote Admin Node:
exit
-
-
-
Log out of the command shell:
exit