Closed ariffewear closed 4 years ago
Can you give a little more information? I'm not even sure what this error means. Is this Isilon cluster setup with anything special, hardening, compliance, worm, AD, LDAP, kerberos? Does it work if you create a temporary zone and try running it in that zone? What version of onefs and what distribution of hadoop?
Are you by chance trying to run this script in the system zone but are currently in a different zone?
@ariffewear: please provide more information about the invocation so we can help you, e.g.,
Please be sure to omit/remove/obscure any and all identifiable information from the output when providing it, e.g., cluster IP addresses, usernames, passwords, etc.
I recommend using Gist, when posting the information; just be sure to paste a link to the Gist in this issue.
The only way I have been able to reproduce this is by replacing the zone's default local provider (e.g. lsa-local-provider:somezone
) with the System local provider before running isilon_create_users
:
isi zone modify somezone --auth-providers=lsa-local-provider:System
Any chance that is what happened here?
The key is to make sure the Auth Prodivider is pointing to the same zone you are trying to modify. If for example you are modifying the customer-az zone with this script and your Auth Providers is pointing to a different zone you will get this error. Check your auth setting with "isi zone view".
Isilon OneFS v8.2.1.0
Name: customer-az
Path: /ifs/data/testing
Groupnet: groupnet0
Map Untrusted:
**Auth Providers: lsa-local-provider:customer-az**
NetBIOS Name:
User Mapping Rules: -
Home Directory Umask: 0077
Skeleton Directory: /usr/share/skel
Cache Entry Expiry: 4H
Negative Cache Entry Expiry: 1m Zone ID: 2
This issue is a result of a misconfiguration of the auth provider pointing to a different zone than where the isilon_hadoop_tools were executed on. Users can check auth settings with isi zone view. If you get this "unmodifiable" error it's because your auth provider is pointing to a different zone.
Hi master,
how to run isilon_create_users as local zone provider. because running it using default causing me "The authentication provider was created in a zone that makes it unmodifiable" error