Isilon 스토리지 운영 명령 – Active Directory 연동 관련 환경

by · Published · Updated

# cat /etc/resolv.conf
# nslookup rntier.clx


# isi auth users list –domain=rntier.clx –verbose
——————————————————————————–
                    Name: RNTIER\dbear12
                      DN: CN=dbear12,OU=RNTIER Users,DC=rntier,DC=lgd
              DNS Domain: rntier.clx
                  Domain: RNTIER
                Provider: lsa-activedirectory-provider:RNTIER.CLX
        Sam Account Name: dbear12
                     UID: 1092
                     SID: S-1-5-21-1606638900-1484882705-658165593-2206
                 Enabled: Yes
                 Expired: No
                  Expiry: –
                  Locked: No
                   Email: –
                   GECOS: –
           Generated GID: No
           Generated UID: No
           Generated UPN: No
           Primary Group
                          ID : GID:1001
                        Name : –
          Home Directory: /home/dbear12
        Max Password Age: Never
        Password Expired: No
         Password Expiry: –
       Password Last Set: 2014-09-23T18:01:41
        Password Expires: No
                   Shell: /bin/bash
                     UPN: dbear12@RNTIER.CLX
User Can Change Password: Yes






# isi smb shares list
————————-
rnt_profile  /ifs/rnt_profile
ifs        /ifs          
userdata   /ifs/userdata
————————-




# isi status
Cluster Name: ISL-NAS
Cluster Health:     [  OK ]
Cluster Storage:  HDD                 SSD            
Size:             317T (325T Raw)     6.5T (6.5T Raw)
VHS Size:         7.6T                
Used:             11T (4%)            26G (< 1%)    
Avail:            306T (96%)          6.5T (> 99%)  


                   Health  Throughput (bps)  HDD Storage      SSD Storage
ID |IP Address     |DASR |  In   Out  Total| Used / Size     |Used / Size
——————-+—–+—–+—–+—–+—————–+—————–
  1|192.168.201.131 | OK  | 122M|  22M| 144M| 3.7T/ 106T(  4%)| 8.6G/ 2.2T(< 1%)
  2|192.168.201.132 | OK  | 852K|   12| 852K| 3.7T/ 106T(  4%)| 8.6G/ 2.2T(< 1%)
  3|192.168.201.133 | OK  |  285|    0|  285| 3.7T/ 106T(  4%)| 8.6G/ 2.2T(< 1%)
——————-+—–+—–+—–+—–+—————–+—————–
Cluster Totals:          | 123M|  22M| 145M|  11T/ 317T(  4%)|  26G/ 6.5T(< 1%)


     Health Fields: D = Down, A = Attention, S = Smartfailed, R = Read-Only    


Critical Events:




Cluster Job Status:


No running jobs.


No paused or waiting jobs.


No failed jobs.


Recent job results:                                                                                
Time            Job                        Event                          
————— ————————– ——————————
09/24 23:02:49  SnapshotDelete[280]        Succeeded (MEDIUM)
09/23 23:09:14  SnapshotDelete[279]        Succeeded (MEDIUM)
09/22 23:06:11  SnapshotDelete[278]        Succeeded (MEDIUM)
09/21 23:04:14  SnapshotDelete[277]        Succeeded (MEDIUM)
09/21 00:00:03  ShadowStoreDelete[276]     Succeeded (LOW)
09/20 23:00:09  SnapshotDelete[275]        Succeeded (MEDIUM)
09/20 01:10:06  MultiScan[273]             Succeeded (LOW)
09/19 23:08:22  MultiScan[272]             System Cancelled




# isi networks list ifaces
Interface       Status      Membership                Addresses                      
————— ———– ————————- ——————————
1:10gige-1      up                                    
1:10gige-2      up                                    
1:10gige-agg-1  up          subnet0:pool0             192.168.201.131
1:ext-1         no carrier                            
1:ext-2         no carrier                            
2:10gige-1      up                                    
2:10gige-2      up                                    
2:10gige-agg-1  up          subnet0:pool0             192.168.201.132
2:ext-1         no carrier                            
2:ext-2         no carrier                            
3:10gige-1      up                                    
3:10gige-2      up                                    
3:10gige-agg-1  up          subnet0:pool0             192.168.201.133
3:ext-1         no carrier                            
3:ext-2         no carrier                            


# isi license status
Module                    License Status    Configuration     Expiration Date
——                    ————–    ————-     —————
HDFS                      Inactive          Not Configured    
InsightIQ                 Inactive          Not Configured    
Isilon for vCenter        Inactive          Not Configured    
SmartConnect Advanced     Activated         Configured        
SmartLock                 Inactive          Not Configured    
SmartPools                Inactive          Not Configured    
SmartQuotas               Activated         Configured        
SnapshotIQ                Activated         Configured        
SyncIQ                    Activated         Not Configured    
iSCSI                     Inactive          Not Configured    


# isi auth ads view –verbose –provider-name=rntier.clx
                     Name: RNTIER.CLX
      Organizational Unit: –
          Machine Account: ISL-NAS$
           Authentication: Yes


                   Status: online
           Primary Domain: RNTIER.CLX
                   Forest: rntier.clx
                     Site: Default-First-Site-Name
           NetBIOS Domain: RNTIER
                 Hostname: isl-nas.rntier.clx
          Controller Time: 2014-09-25T08:35:29
       Cache Entry Expiry: 4H


          NSS Enumeration: No
              SFU Support: rfc2307
       Store SFU Mappings: No


        Ignore All Trusts: No
  Ignored Trusted Domains: –
  Include Trusted Domains: –
    Domain Offline Alerts: No
       LDAP Sign And Seal: No


             Lookup Users: Yes
   Lookup Normalize Users: Yes
            Allocate UIDs: Yes
  Lookup Normalize Groups: Yes
            Allocate GIDs: Yes
           Lookup Domains: –
            Lookup Groups: Yes


    Assume Default Domain: No
    Check Online Interval: 1m
 Machine Password Changes: Yes
Machine Password Lifespan: 1M
    Create Home Directory: Yes
  Home Directory Template: /ifs/userdata/%U
              Login Shell: /bin/zsh


# isi auth ads list
Name      Authentication Status DC Name Site                  
—————————————————————
RNTIER.CLX Yes            online –       Default-First-Site-Name
—————————————————————


isi auth ads modify –check-online-interval=60 –provider-name=rntier.clx
# isi auth users list
—————————————————————
Name    
———
Guest    
root    
admin    
compadmin
ftp      
www      
nobody  
insightiq
———




# isi auth users list –domain=rntier.clx
—————————————————————
.
RNTIER\dbear8    
RNTIER\dbear10    
RNTIER\dbear11    
RNTIER\dbear12


# isi auth ads spn list –domain=rntier.clx
SPNs registered for ISL-NAS$:
HOST/islnas01.rntier.clx
HOST/islnas01
HOST/isl-nas
HOST/isl-nas.rntier.clx


# isi auth ads trusts list –provider=rntier.clx
      Domain: rntier.clx
NetBIOS Name: RNTIER
         SID: –
        Guid: c7c7de1e-678f-5549-92c3-f0608242ce60
  Trust Type: primary
      Status: online
        Site: Default-First-Site-Name
     DC Name: ADS01.rntier.clx
  DC Address: 192.168.201.121
     DC Site: Default-First-Site-Name


# isi auth ads trusts controllers list –verbose –provider=rntier.clx
DC Name            DC Address    
———————————
ads01.rntier.clx 192.168.201.121
ads02.rntier.clx 192.168.201.122
———————————


# isi_for_array -s isi auth ads trusts controllers list –verbose –provider=rntier.clx
ISL-NAS-1: DC Name            DC Address    
ISL-NAS-1: ———————————
ISL-NAS-1: ads01.rntier.clx 192.168.201.121
ISL-NAS-1: ads02.rntier.clx 192.168.201.122
ISL-NAS-1: ———————————
ISL-NAS-1: Total: 2
ISL-NAS-2: DC Name            DC Address    
ISL-NAS-2: ———————————
ISL-NAS-2: ads01.rntier.clx 192.168.201.121
ISL-NAS-2: ads02.rntier.clx 192.168.201.122
ISL-NAS-2: ———————————
ISL-NAS-2: Total: 2
ISL-NAS-3: DC Name            DC Address    
ISL-NAS-3: ———————————
ISL-NAS-3: ads01.rntier.clx 192.168.201.121
ISL-NAS-3: ads02.rntier.clx 192.168.201.122
ISL-NAS-3: ———————————
ISL-NAS-3: Total: 2


# isi auth status
ID                                     Active Server      Status
—————————————————————-
lsa-activedirectory-provider:RNTIER.CLX ADS01.rntier.clx online
lsa-local-provider:System              –                  active
lsa-file-provider:System               –                  active
—————————————————————-


# isi_for_array -s isi auth status
ISL-NAS-1: ID                                     Active Server      Status
ISL-NAS-1: —————————————————————-
ISL-NAS-1: lsa-activedirectory-provider:RNTIER.CLX ADS01.rntier.clx online
ISL-NAS-1: lsa-local-provider:System              –                  active
ISL-NAS-1: lsa-file-provider:System               –                  active
ISL-NAS-1: —————————————————————-
ISL-NAS-1: Total: 3
ISL-NAS-2: ID                                     Active Server      Status
ISL-NAS-2: —————————————————————-
ISL-NAS-2: lsa-activedirectory-provider:RNTIER.CLX ADS01.rntier.clx online
ISL-NAS-2: lsa-local-provider:System              –                  active
ISL-NAS-2: lsa-file-provider:System               –                  active
ISL-NAS-2: —————————————————————-
ISL-NAS-2: Total: 3
ISL-NAS-3: ID                                     Active Server      Status
ISL-NAS-3: —————————————————————-
ISL-NAS-3: lsa-activedirectory-provider:RNTIER.CLX ADS01.rntier.clx online
ISL-NAS-3: lsa-local-provider:System              –                  active
ISL-NAS-3: lsa-file-provider:System               –                  active
ISL-NAS-3: —————————————————————-


# isi_classic auth ads dc –domain=rntier.clx
Current Domain Controller = ADS01.rntier.clx




# isi_for_array -s isi_classic auth ads dc –domain=rntier.clx
ISL-NAS-1: Current Domain Controller = ADS01.rntier.clx
ISL-NAS-2: Current Domain Controller = ADS01.rntier.clx
ISL-NAS-3: Current Domain Controller = ADS01.rntier.clx


# isi auth ads list
Name      Authentication Status DC Name Site                  
—————————————————————
RNTIER.CLX Yes            online –       Default-First-Site-Name
—————————————————————


# isi auth ads trusts controllers list –provider=rntier.clx
DC Name          
——————
ads01.rntier.clx
ads02.rntier.clx
——————
Total: 2


# isi auth error
Must specify an error code


isi auth ads view –provider-name=rntier.clx
isi auth ads view –provider-name=rntier.clx –verbose
isi_for_array -s isi_classic auth ads dc –domain=rntier.clx
isi_for_array -s isi_classic auth ads dc –domain=rntier.clx


while\
true\
do\
isi_for_array -s isi_classic auth ads dc –domain=rntier.clx\
sleep 3\
done


isi auth status
isi auth ads modify –domain-controller=ads02.rntier.clx –provider-name=rntier.clx
isi auth ads status
isi auth status


isi_classic isi auth ads
isi_classic auth ads dc –set-dc=ADS02.rntier.clx
isi_classic auth ads dc –set-dc=ADS02.rntier.clx –domain=rntier.clx


isi auth users list –domain=rntier.clx


isi_classic auth ads dc –set-dc=ADS01.rntier.clx –domain=rntier.clx
while\
true\
do\
isi_for_array -s isi_classic auth ads dc –domain=rntier.clx\
sleep 3\
done


isi_for_array -s isi auth ads users list –provider=rntier.clx
isi auth users list –domain=rntier.clx
isi_for_array -s isi auth users list –domain=rntier.clx


tail -f /var/log/lsassd.log


isi_for_array -s isi auth users list –domain=rntier.clx


while\
true\
do\
isi_for_array -s isi_classic auth ads dc –domain=rntier.clx\
sleep 3\
done


isi auth status
tail -f /var/log/lsassd.log
isi_for_array -s uname -a


while\
true\
do\
isi_for_array -s isi_classic auth ads dc –domain=rntier.clx\
sleep 3\
done


disi -I diskpools list


isi status
isi_hw_status


chmod -N /ifs/rnt_profile
ls -led /ifs/rnt_profile
chmod +a user “rntier\\administrator” allow dir_gen_all,object_inherit,container_inherit /ifs/rnt_profile
chmod +a group rntier\\domain\ admins allow dir_gen_all,object_inherit,container_inherit
chmod +a group “rntier\\domain\ admins” allow dir_gen_all,object_inherit,container_inherit
chmod +a group “rntier\\domain admins” allow dir_gen_all,object_inherit,container_inherit
chmod +a group rntier\\”domain admins” allow dir_gen_all,object_inherit,container_inherit
ls -led /ifs/rnt_profile
ls -al /ifs/rnt_profile


isi auth mapping list
isi auth mapping dump

서진우

슈퍼컴퓨팅 전문 기업 클루닉스/ 상무(기술이사)/ 정보시스템감리사/ 시스존 블로그 운영자

You may also like...

페이스북/트위트/구글 계정으로 댓글 가능합니다.