** Background **
Client wants to use Samba4/ADS to authorize/authenticate about 200 users and
200 nodes in their IT infra. The client has a mix of CentOS 6 Desktop (85%),
Windows 7 Pro desktop (10%)) and OS X (5%). The storage shares shall be on 60TB and
100TB servers and shall be exported as NFS+CIFS. CentOS desktops shall mount these shares
as NFS. Windows+OS X desktops shall mount these shares as CIFS (SMBFS).

** Requirements **
The NFS/CIFS mounts should work seamlessly in the following manner

The exported share shall be mounted as follows:

Windows / OS X SMBFS
Linux (CentOS) NFS

** Expected Results **

Linux (NFS) can read/write on the share. Other desktops Windows/OS X can read
and write on the same dir/file

Windows (SMBFS) can read/write on the share. Other desktops Linux/OS X can read
and write on the same dir/file

OS X (SMBFS) can read/write on the share. Other desktops Linux/Windows can read
and write on the same dir/file

** Proof of Concept (PoC) for above use case **

We have demonstrated the above scenario with a stock CentOS 6 server exporting
the shares as NFS + CIFS. The shares work seamlessly for the AD\user
irrespective of the desktop; whether s/he is on Linux or Windows or OS X.

For reference please see [1] for our /etc/exports (NFS) and /etc/smb/smb.conf
(CIFS) from our CentOS 6.5 server.

** Motivation to use open-e DSS v7 **
With success in above PoC (Linux base storage), the client has procured a 60 day
trial lic. (DSSv7) and installed it on the 60TB storage. The open-e has bound
with Samba4 ADS successfully (We can see the users and groups)

We have created the "projects" share and checked the NFS as well as CIFS
options for the share, as per the screen shots in Quick Start and the open-e
manual.

No issues so far.

** The problem with open-e NFS+CIFS share **

Use case testing. AD\user is jdoe.

(A) CentOS Linux Desktop

- We are also able to mount the NFS share "projects" (that has project data)
e.g. /mnt/projects

- The AD\user is able to create a dir/file in /mnt/projects, where the uid:gid permissions allow it.

- The AD\user when s/he tries to change dir/file created by another user s/he
is able to do it given that s/he has the uid:gid permissions on the file/dir.


(B) Windows 7 Desktop

- The logon scripts are able to map the CIFS shares to drive letters.

- The AD\user is able to do domain login.

- The AD\user is able to browse the "projects" share

- The AD\user is *not* able to modify/delete the files/dirs s/he created on the
Linux desktop. s/he gets "Access denied" dialog box.

- The AD\user is *not* able to create any new files/dirs.

(C) OS X Desktop

- The AD\user is able to domain login.

- The AD\user is able to mount the "projects" share using SMBFS

- The AD\user is able to browse the "projects" share

- The AD\user is *not* able to modify/delete the files/dirs in the "projects"
share that s/he created on the Linux desktop.

- The AD\user is *not* able to create any new files/dirs in the "projects"
share.

Unless we can get past the above hurdle, the client does not want to deploy open-e
as their storage solution.

Having seen the seamless NFS/CIFS integration from the PoC (CentOS), they want
the same functionality from open-e.

Does open-e support seam less NFS/CIFS on the same share, as what we have show
in the CentOS PoC?

If yes, what it is that we are missing?


[1] Our PoC NFS + CIFS configurations (CentOS6 server)

# cat /etc/samba/smb.conf
[global]
workgroup = EXAMPLE
server string = Samba Server Version %v
# logs split per machine
log file = /var/log/samba/log.%m
# max 50KB per log file, then rotate
max log size = 50
security = ads
passdb backend = tdbsam
realm = INTRA.EXAMPLE.COM
kerberos method = secrets and keytab
client signing = yes
client use spnego = yes
password server = SMBAD.INTRA.EXAMPLE.COM
load printers = yes
cups options = raw

[projects]
comment = Windows Share
path = /nfs
browseable = yes
read only = Yes
writable = yes
guest ok = yes
valid users = %U
create mask = 0660
directory mask = 077

# cat /etc/exports
/nfs 172.16.0.0/24(rw,sync)