Is it anything related to changes that have gone to the NAS volumes . I am getting the error "security id structure invalid" when I try to add users to Home folder on NAS volumes I have tried to add the permissions from the domain controllers it is giving me the same error.
there was a upgrade of NAS servers for EMC ( EMC celerra with gateway clariion ) but it didn't take place due to control station failure. Is this error related upgrade??
server is windows 2003
When i go to \nas6\usr7$ share and right click the folder ,Under security when i try to give permission it states- "unable to save permission changes on Ze175"(folder name) " security id structure invalid" . The same thing happenes when trying from domain controllers.
Could you tell me is this error related to upgrade.Please advice
It's only usin CIFS
A lot of inexpensive NAS-type devices based on stripped down versions of samba frequently have issues when it comes to permissions. You're not exactly running into anything new.
Although implementing roaming profiles on a NAS is very possible when samba is properly configured & has a supporting file system that is able to work with samba, it appears as though your particular appliance is falls into that "inexpensive NAS" category.
Unfortunately, it is quite unlikely that you'll be able to implement any form of NTFS permissions. Creating roaming user profiles does require being able to modify NTFS permissions for the new profile. It's equally unlikely that the manufacturer of that device will be able to simply "add" that functionality with a simple firmware update.
Your best bet is to invest into a new NAS that is capable of integrating with active directory & understands NTFS permissions. They cost significantly more in most cases unfortunately.
As you say you had an upgrade failure and this is a Celerra unit you need to get EMC support involved. The problem may be a consequence of the upgrade failure or it may indicate a pre-existing error although my guess is that it is related to the failure. They will be able to sort you out - if you've let your support contract lapse then sort that out, you should never run one a system like a Celerra without vendor support.
Edited to add - Celerra's CIFS implementation fully supports AD integration, assigning permissions to files at the NTFS level and to the CIFS shares themselves. The Celerra support tools include a number of MMC plugins to help with administering CIFS shares. At the NTFS level you can just use Explorer or any other tool that understands how to manipulate NTFS permissions so there is nothing wrong with what you are trying to do. It can get a bit more complex, especially if you want to support both AD and Unix users accessing the same data but if you are simply using the Celerra defaults then it works pretty smoothly.