How to create a persistent password to be used by a SMB client in a Solaris 11 non-global zone
Last updated on OCTOBER 02, 2017
Applies to:Solaris Operating System - Version 11 11/11 to 11.2 [Release 11.0]
Information in this document applies to any platform.
Depending on the configuration of a SMB File Sharing environment, the mount_smbfs(1M) command on a Solaris SMB client may need to authenticate at the SMB server by using a username, and providing the password for that user, when mounting a filesystem from the server.
If a SMB filesystem shall become automatically mounted at boot time, it needs an entry in the vfstab(4) file of the system. During this process the password for the user needs to get provided to the mount operation without any manual intervention, and so may not prompt to manually enter the password. This is called a persistent password.
Such persistent passwords may get created and stored in a secure way, by using the command smbadm(1M) with the sub command "add-key".
As part of the SMB server feature the smbadm(1M) command may only get used in the global zone on a system, because the SMF server is only available in the global zone, but not in a non-global zone on a system.
That's the reason why the smbadm command fails and does display the message "cannot execute in non-global zone", when using that command in a non-global zone.
The SMB client feature is also available in non-global zones on Solaris 11.
If a non-global zone shall automatically mount a SMB filesystem at boot time, the persistent password that is needed to authenticate that mount operation, does also need to exist in the non-global zone.
This document provides an example to create and store a persistent password of a user for that purpose in non-global zones in Solaris 11.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms