Subscribe
Accepted Solution

Access and rights issues on vFiler.

Hi

I have access problem to my vFiler. When I open a new mmc and connect to my vFiler i got the following error " You do not have permission to see the list of shares for Windows Clients". I do not allways get this error it is intermittent?!

The other strange thing thats happens when i am trying to change owner ship or change permission on the share is this error " Unable to set new owner on "share$" (folder path xx.xx.xx) Access denied.

Rgds

Tobias

Re: Access and rights issues on vFiler.

It should be the same if not a vFiler.  Is your windows account in the administrator group on the netapp?  You can use useradmin to check....usually the account is not included.

Re: Access and rights issues on vFiler.

Where colud i see how is member of local administrator on NetApp. Should I add domain admin to administrators?

useradmin ?

Re: Access and rights issues on vFiler.

useradmin user list will show local admin users.  useradmin domainusers list -g administrators will show all domain user accounts that are admins  You can use "cifs lookup" to get the username on the sids listed.  If you are not listed with your username then add your domain account with "useradmin domainuser add username -g administrators" if not there.

Re: Access and rights issues on vFiler.

Thanks for your fast replay and the command . Our Domian Admin group is member of local admin on the NetApp vfiler, but I still get the no access message when iám changing permission on the share. But if i click continue one the "access denied" message and then cancel the permission has changed?

Re: Access and rights issues on vFiler.

When I change permission on the share I get following error.

Re: Access and rights issues on vFiler.

Why dont you turn on access tracking logging and see what the error message is?

options cifs.trace_login on             (hopefully I remembered the correct syntax).

Then recreate the issue and go looking for more info in /etc/messages file. dont forget to turn the option OFF once done.

Also, do basic checks and see if the qtree is UNIX or NTFS security style etc.

Re: Access and rights issues on vFiler.

I have performed "options cifs.loin on" on the vFiler, but how do I read the file in / etc / message directory?

To summarize the problem:

We have two vFilers with CIFS share which we will use for home directories.

What happens is the following. I can take ownership over the share and it works with my domain admin account. But when I try to put "permission" on the shared directory, eg. CREATOR OWNER, I get  the access denied message.

The home directories will be used in a windows environment so security style is NTFS.

Rgds

Tobias

Re: Access and rights issues on vFiler.

with trace_login on you will see the login on the console...so keep the console open when you connect and it will show the login and the usermapping as well. 

qtree status shows the volume is ntfs security style?  Do you have a vfileroot/etc/passwd file with root and pcuser in it, then options wafl.default_unix_user is pcuser (all the defaults if not changed)?

Re: Access and rights issues on vFiler.

Hi

Here´s the output for cifs trace. I can see there is a problem with one of domain controllers is that related to the access problem? We have four AD server in our environment. Can there be a problem with that pcuser is UNIX. Security style is for the qtree is NTFS

Rgds

Tobias