Samba user quota implementation question
krishna.harathi at storagecraft.com
Wed May 27 22:16:18 UTC 2020
On the contrary; normally, there is no passwd entry made for a AD user in the local password file.
The set user-quota (for a user user-quota was not set before) is working fine as intended without any manual addition to local password file.
I have to manually add the uid/gid entry of the SID/GID of the user authenticated/authorized by AD, in order for the windows client to list/show the user that has user-quota already set.
My question is - is it expected to find the subset of AD users with user-quota set in the local password file ?
I am trying to figure out if there is any other way to accomplish windows client listing existing quota without this manual intervention.
But if this is expected, I will find a way to make those entries in the local password file when a quota for a new user is set.
Hope this explanation helps to describe the problem more. I will post the actual smb.conf file asap (not available at this moment). We have the "get quota command" and "set quota command" values and AD server with idmap "backend = autorid" and range configured.
On 5/27/20, 12:53 PM, "samba-technical on behalf of Rowland penny via samba-technical" <samba-technical-bounces at lists.samba.org on behalf of samba-technical at lists.samba.org> wrote:
***EXTERNAL SENDER. Only open links and attachments from known senders. DO NOT provide your username or password.***
On 27/05/2020 20:42, Krishna Harathi via samba-technical wrote:
> Our OneXafe FS supports share/fs level quota using smb.conf “set quota command” and “get quota command”.
> We are currently extending support to user-level quotas using the same interface, when Samba smbd is an AD DC member.
> Setting user quota from a windows client is working as expected. But once quota is set, none of the users are listed in the quota’s pop-up window, so cannot delete or modify quota properties. Moreover, creating a new quota entry for the same user is generating a “quota entry already exists for this user” error.
> By tracing get/set requests to our file server, I see that our FS server is receiving a get request for Samba for every user entry in the local password file, but none for the UID of the DC member user. But I do see a default quota get request for the group GID.
> The problem seems to be that the get/set command interface does not obviously support a “list” user quota api to the hosting FS.
> Questions on this – We can post and manage user entry (host-local uid/gid) corresponding to the DC user sid/gid whenever a “set user quota” is received. I did verify that when an entry is made manually, windows user quota workflow behaves as expected. Is the problem assumption correct and is this a way to implement? Is there a better way, given the constraints?
> We are using Samba 4.7.11 patched with https://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.samba.org%2Fshow_bug.cgi%3Fid%3D13553%23c17&data=01%7C01%7Ckrishna.harathi%40storagecraft.com%7Cb00f68c028324ea5ece308d80277a7c3%7C99f4e3c9bed5443dbd532b3f22d4eddf%7C0&sdata=T6FbBy04TqSxJ%2FFx%2BZ3nVF29h%2BoHdNEqqIwuZXzm0hY%3D&reserved=0 fix for 4.7.
> Any help is this issue is much appreciated in advance.
> Krishna Harathi
From reading the above, it looks like you are saying that you have the
same users in /etc/passwd and AD, is this correct ?
Can you also please post the entire smb.conf you are using on the OneXafe.
More information about the samba-technical