This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

QAS - Help with using AD groups to authorise filesystem access

Apologies if this is the wrong forum.

We have QAS 4.1 installed on our Linux servers which is providing authentication by having Active directory groups being added, via a QAS script, to the /etc/opt/quest/vas/users.allow file.

I am being advised that to allow filesystem permissions to be set that we need to create local groups on the Linux server with the same name and reference the AD GID.

This appears to be an odd approach as it means we have to continue with group management on the Linux server as well as within the Active Directory.

Can anyone please advise as to whether this is the case and if not what is required to be able to set filesystem permissions using the AD groups that now reside in the users.allow file.

  • Turns out the advice /direction I was given was incorrect. Once the QAS agent has synced with AD the new AD groups are now visible as my developer can now list logon with their AD credentials and list groups that they are members of, these turn out to be qasstaff and the AD group I have created. Filesystem permisisons can now be applied using this AD group. Happy days. Although its not clear how the user got added into qasstaff.