Error1:
zsh: permission denied: isi_for_array
Fix:
>> normal you see this issue, if you dont have permission to run the command
or you are not running commands with root user
or you forgot to put sudo in fornt of the command when you are using non root user account
>> you can fix this issue by modify the sudo file to give access to all users to all commands
//Open the sudo file to add access to the Groups or Users
isi_visudo -f /etc/mcp/override/sudoers
>>click "insert" button to edit the file, add the below any entry based on your requirement
#Below Command to give access to all users
ALL ALL=(ALL) NOPASSWD: ALL
#Below Command to give access to Domain User to all CMDs
<DOMAIN>\\<USERID> ALL=(ALL) NOPASSWD: ALL
#Below Command to give access to Islon Cluster Local User to all CMDs
<USERID> ALL=(ALL) NOPASSWD: ALL
#Below Command to give access to Islon Cluster Local Group users to all CMDs
%<LocalGroupName> ALL=(ALL) NOPASSWD: ALL
>>Press Esc and enter ":wq" to write the changes to the file
Now run your command with "sudo" in front of the command, like below
Example:
IsilonCluster1-2% isi_for_array -s 'isi_hw_status | grep -i serno'
zsh: permission denied: isi_for_array
IsilonCluster1-2% sudo isi_for_array -s 'isi_hw_status | grep -i serno'
IsilonCluster1-1: SerNo: XXXXXXXXXXX
IsilonCluster1-2: SerNo: XXXXXXXXXXX
Error2:
Could not chdir to home directory /ifs/home/DOMAIN/USERID: No such file or directory
Fix:
Normally you see this error, if the user that logged in doest have a Home Directory, either you create manually.
if you are a domain user, make you "Create home directories on first login" option is checked under the domain in Active Directory
GUi > Access > Authrentication Providers > Active Directory
How to setup Full Previllages to AD Groups on Isilon Cluster ?
1. Login to the GUi > Access > Authrntication Providers > Active Directory > + Join a Domain > Fill the details > Join.
Once it is joined succussfully, and status is showing "Online", goto next step
Note: for Isilon OneFS v8.1.2.0 and above make sure "Create home directories on first login" option is check.
if it is not checked, Users after loggin into putty, maybe be able to use Tab Functionality
2. Login to Isilon Cluster CLI as root through SSH tools like Putty. and run the below commands
//Create a Role First like "StorageAdmins"
isi auth roles create --name StorageAdmins --description "Full Admin Privileges to the Cluster"
//Add AD Group to the Role
isi auth roles modify StorageAdmins --add-group=ADGroup1@Domain
//you can add more groups to the same role like below
isi auth roles modify StorageAdmins --add-group="ADGroup2@Domain"
//Add Previllages to the Role that was created earlier "StorageAdmins" (Below is list of full Previllages)
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_ANTIVIRUS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_AUDIT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_AUTH
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_CERTIFICATE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_CLOUDPOOLS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_CLUSTER
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_DEVICES
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_ESRS_DOWNLOAD
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_EVENT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_FILE_FILTER
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_FTP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_HARDENING
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_HDFS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_HTTP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_IFS_BACKUP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_IFS_RESTORE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_IFS_WORM_DELETE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_JOB_ENGINE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LICENSE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LOGIN_CONSOLE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LOGIN_PAPI
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LOGIN_SSH
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_MONITORING
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NDMP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NETWORK
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NFS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NS_IFS_ACCESS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NS_TRAVERSE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NTP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_QUOTA
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_REMOTE_SUPPORT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_ROLE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SMARTPOOLS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SMB
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SNAPSHOT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SNMP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_STATISTICS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SWIFT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYNCIQ
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_SHUTDOWN
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_SUPPORT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_TIME
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_UPGRADE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_VCENTER
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_WORM
//Open the sudo file to add access to the Groups or Users
isi_visudo -f /etc/mcp/override/sudoers
>>click "insert" button to edit the file, add the below entry
ALL ALL=(ALL) NOPASSWD: ALL
>>Press Esc and enter ":wq" to write the changes to the file
3. Verify the access by relogin to the putty
login as: <DOMAIN>\<USERID>
Using keyboard-interactive authentication.
Password: **********
zsh: permission denied: isi_for_array
Fix:
>> normal you see this issue, if you dont have permission to run the command
or you are not running commands with root user
or you forgot to put sudo in fornt of the command when you are using non root user account
>> you can fix this issue by modify the sudo file to give access to all users to all commands
//Open the sudo file to add access to the Groups or Users
isi_visudo -f /etc/mcp/override/sudoers
>>click "insert" button to edit the file, add the below any entry based on your requirement
#Below Command to give access to all users
ALL ALL=(ALL) NOPASSWD: ALL
#Below Command to give access to Domain User to all CMDs
<DOMAIN>\\<USERID> ALL=(ALL) NOPASSWD: ALL
#Below Command to give access to Islon Cluster Local User to all CMDs
<USERID> ALL=(ALL) NOPASSWD: ALL
#Below Command to give access to Islon Cluster Local Group users to all CMDs
%<LocalGroupName> ALL=(ALL) NOPASSWD: ALL
>>Press Esc and enter ":wq" to write the changes to the file
Now run your command with "sudo" in front of the command, like below
Example:
IsilonCluster1-2% isi_for_array -s 'isi_hw_status | grep -i serno'
zsh: permission denied: isi_for_array
IsilonCluster1-2% sudo isi_for_array -s 'isi_hw_status | grep -i serno'
IsilonCluster1-1: SerNo: XXXXXXXXXXX
IsilonCluster1-2: SerNo: XXXXXXXXXXX
Error2:
Could not chdir to home directory /ifs/home/DOMAIN/USERID: No such file or directory
Fix:
Normally you see this error, if the user that logged in doest have a Home Directory, either you create manually.
if you are a domain user, make you "Create home directories on first login" option is checked under the domain in Active Directory
GUi > Access > Authrentication Providers > Active Directory
How to setup Full Previllages to AD Groups on Isilon Cluster ?
1. Login to the GUi > Access > Authrntication Providers > Active Directory > + Join a Domain > Fill the details > Join.
Once it is joined succussfully, and status is showing "Online", goto next step
Note: for Isilon OneFS v8.1.2.0 and above make sure "Create home directories on first login" option is check.
if it is not checked, Users after loggin into putty, maybe be able to use Tab Functionality
2. Login to Isilon Cluster CLI as root through SSH tools like Putty. and run the below commands
//Create a Role First like "StorageAdmins"
isi auth roles create --name StorageAdmins --description "Full Admin Privileges to the Cluster"
//Add AD Group to the Role
isi auth roles modify StorageAdmins --add-group=ADGroup1@Domain
//you can add more groups to the same role like below
isi auth roles modify StorageAdmins --add-group="ADGroup2@Domain"
//Add Previllages to the Role that was created earlier "StorageAdmins" (Below is list of full Previllages)
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_ANTIVIRUS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_AUDIT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_AUTH
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_CERTIFICATE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_CLOUDPOOLS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_CLUSTER
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_DEVICES
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_ESRS_DOWNLOAD
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_EVENT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_FILE_FILTER
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_FTP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_HARDENING
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_HDFS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_HTTP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_IFS_BACKUP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_IFS_RESTORE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_IFS_WORM_DELETE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_JOB_ENGINE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LICENSE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LOGIN_CONSOLE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LOGIN_PAPI
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_LOGIN_SSH
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_MONITORING
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NDMP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NETWORK
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NFS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NS_IFS_ACCESS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NS_TRAVERSE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_NTP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_QUOTA
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_REMOTE_SUPPORT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_ROLE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SMARTPOOLS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SMB
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SNAPSHOT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SNMP
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_STATISTICS
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SWIFT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYNCIQ
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_SHUTDOWN
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_SUPPORT
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_TIME
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_SYS_UPGRADE
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_VCENTER
isi auth roles modify StorageAdmins --add-priv ISI_PRIV_WORM
//Open the sudo file to add access to the Groups or Users
isi_visudo -f /etc/mcp/override/sudoers
>>click "insert" button to edit the file, add the below entry
ALL ALL=(ALL) NOPASSWD: ALL
>>Press Esc and enter ":wq" to write the changes to the file
3. Verify the access by relogin to the putty
login as: <DOMAIN>\<USERID>
Using keyboard-interactive authentication.
Password: **********
Thank you for content. I like it and my site is different for your site. please visit my site. แจกเครดิตฟรี ฝากถอนง่าย
ReplyDeleteHi Raghuram,
ReplyDeleteThank you for sharing your knowledge. In Isilon reference :- Could you please point out the difference between "shutdown all" and "isi_for_array shutdown -p"
and will cache automatically commit to storage when cluster shutdown gets initiated?
Thanks a lot for this post.
ReplyDeleteCould we do that with AD Group ?
I try in isi_visudo -f /etc/mcp/override/sudoers
AD\\GROUP_GG ALL=(ALL) NOPASSWD: ALL
But don't work (Ad is OK and is the provider in my system zone
you must to do:
Delete#isi_visudo -f /etc/mcp/override/sudoers
%AD\\GROUP_GG ALL=(ALL) NOPASSWD: ALL