Red Hat Bugzilla – Bug 1460300
Failed to add AD domain user to access the gluster volume in windows client.
Last modified: 2017-06-13 01:19:54 EDT
Description of problem:
The customer deployed a 6 nodes RHGS 3.2 system and created a 8x(4+2) EC volume.
They are using a windows 7 client to access the volume, and have 3 AD server to store user info.
RHGS has joined one of them(domainA), and the other two(domainB and domainC) have a trusted relationship with domainA.
Now they are facing an issue when they want to add domain user who has a "_" in the user name to access the volume. Here is their steps
1. right click the folder or file in the volume, and select property
2. click the security tab and click "edit"
3. when they try to add new user to the "Group and User",
For all the users from domainB, the operation is succeed
For the Administrator from domainA , the operation is succeed.
For the users from domainA, who has a "_" in the user name, the operation will get failed e.x. hoge_hoge
they have checked and set " winbind normalize names = no " in smb.conf.
Version-Release number of selected component (if applicable):
gluster-nagios-addons-0.2.8-1.el7rhgs.x86_64 Fri Apr 7 10:30:51 2017
gluster-nagios-common-0.2.4-1.el7rhgs.noarch Fri Apr 7 10:23:20 2017
glusterfs-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:27:52 2017
glusterfs-api-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:28:00 2017
glusterfs-cli-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:22:31 2017
glusterfs-client-xlators-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:22:06 2017
glusterfs-fuse-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:28:12 2017
glusterfs-geo-replication-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:31:39 2017
glusterfs-libs-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:21:43 2017
glusterfs-rdma-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:29:42 2017
glusterfs-server-3.8.4-18.el7rhgs.x86_64 Fri Apr 7 10:31:38 2017
python-gluster-3.8.4-18.el7rhgs.noarch Fri Apr 7 10:23:32 2017
samba-vfs-glusterfs-4.4.6-4.el7rhgs.x86_64 Fri Apr 7 10:29:41 2017
vdsm-gluster-4.17.33-1.1.el7rhgs.noarch Fri Apr 7 10:31:56 2017
Steps to Reproduce:
1. click property and open security tab of a volume
2. click edit and add user to the "Groups and Users"
3. click OK
permission operation will failed if the user is from domainA and has a "_" in the user name.
permission operation should be succeed for all users from all domain.