No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


homedir User Permission and Quota Issues of a Desktop Cloud N8000 System

Publication Date:  2014-09-23 Views:  176 Downloads:  0
Issue Description
Product version involved: N8500 V200R001
Application scenario: homedir
When a user of the desktop cloud accesses its homedir directory, the system indicates that the user has no permission, and the user's quota is displayed as the file system quota.
Alarm Information
Handling Process
Step 1 Delete the old homedir directory.
1. Log in to the N8000 CLI as user master.
2. Run cifs homedir delete $username $domain to delete the homedir directory of user $username in the $domain domain.
Step 2 Mount homedir share onto the client and access it again.
Root Cause
The log dated April 25 shows that the user tried to create the My Documents directory and a file, but the system returned an error message stating that the file already existed.

Therefore, when the upper-layer application was initializing, some directories including the My Documents directory already existed.
After the user logged in to the N8000 system again to check the creation time of these directories, the results showed that the directories had been created in January 2013.

The analysis of logs on January 15, 2013 showed that user 000023xx logged in to the system and the user identifier (UID) of the domain user mapped to the N8000 was 11259.

However, a log generated in April showed that the UID of user 000023xx is 17002.
After the N8000 is added to an AD domain, the UID should have stayed unchanged if the mapping rules from AD domain user security identifier(SID) to N8000 UID do not change. If the UID changes, two causes are possible.
1. The UID mapping rules of the N8000 have changed. According to the analysis of group identifier or GID (10513, domain users), the N8000 mapping rules have not changed. Therefore, the difference must have been caused by the second reason.
2. The SID of the AD domain user has changed. For example, user 000023xx is created and deleted, and then the same account is created again. Although the two accounts have the same user name, their SIDs in the AD domain differ.
Based on the preceding analysis, the user has no access permission because two accounts of the same user name (000023xx) are created but their SIDs differ. The user quota is the same as the file system quota because no quota has been set for the user. Therefore, the user sees the storage space of the entire file system.

If you delete a user account on a domain and create another account of the same user name, the SIDs of the two accounts are different and will cause issues including lack of share access permission.
In this case, delete the homedir directory related to the former user account. Then you can access the new homedir directory.