This section explains how to use the qq auth_expand_identity command.

Description

Find equivalent identities and full group membership.

Usage

qq auth_expand_identity [-h] [--auth-id AUTH_ID] [--uid UID] [--gid GID] [--sid SID] [--name NAME] [--domain {LOCAL,WORLD,POSIX_USER,POSIX_GROUP,ACTIVE_DIRECTORY}] [--json] [--show-access-tokens] [identifier]

Flags

Flag Name Required Description
--auth-id No The canonical identifier used internally by QumuloFS.
--uid No An NFS UID
--gid No An NFS GID
--sid No An SMB SID
--name No A local, AD, or LDAP name. AD names may be unqualified, qualified with NetBIOS name (e.g. DOMAIN\user), or a universal principal name (e.g. user@domain.example.com). LDAP names may be either login names, or distinguished names (e.g. CN=John Doe,OU=users,DC=example,DC=com). Names of cluster-local users and groups may qualified with the cluster name (e.g. cluster\user).
--domain No Specify which auth_id domain is sought. This can be useful when looking up a duplicated name (e.g. if there is an AD user and cluster-local user with the same name) to specify which of the identifiers is meant.
--json No Print result as JSON object.
--show-access-tokens No Print QFSD Access Tokens and S3 Access Keys associated with the user.

Positional Options

Option Name Description
identifier A name or a SID, optionally qualified with a domain prefix (e.g "local:name", "world:Everyone", "ldap_user:name", "ldap_group:name", or "ad:name") or an ID type (e.g. "uid:1001", "gid:2001", "auth_id:513", "SID:S-1-1-0").