I have an issue with a NFS export on a controller with a NTFS qtree and NTFS permissions. What's weird is that I can mount the export from a linux host, and browse the directory tree, but only while logged in as root. If I login with any other account, I can mount, but not browse the export-
Client Error
[spice@irv-dev-ieapi1 ~]$ cd /mnt/Omniture
-bash: cd: /mnt/Omniture: Permission denied
fcstab / mounts
Works
lv-gdc-san1b.prod.mycompany.com:/vol/Archive/PI/archive/export on /mnt/PIExport type nfs (rw,hard,intr,tcp,addr=10.20.96.101)
Doesn’t work
irv-gdc-san1a.corp.mycompany.com:/vol/Archive/DA/Omniture on /mnt/Omniture type nfs (rw,hard,intr,tcp,addr=10.228.26.100)
NetApp (irv-gdc-san1a)-
Qtree
Qtree : DA
SecurityStyle : ntfs
Status : normal
Volume : Archive
Security : ntfs
NFSExport
irv-gdc-san1a> wcc -u spice
Thu Nov 7 07:05:40 PST last message repeated 3 times
Thu Nov 7 07:05:42 PST [irv-gdc-san1a: auth.trace.authenticateUser.loginTraceMsg:info]: AUTH: LSA lookup: Lookup of account "mycompany\#pcuser#" failed: STATUS_NONE_MAPPED (0xc0000073).
Mapped user not found
Thu Nov 7 07:05:42 PST [irv-gdc-san1a: auth.trace.authenticateUser.loginTraceMsg:info]: AUTH: LSA lookup: Located account "mycompany\pcuser" in domain "mycompany"..
irv-gdc-san1a> wcc -u pcuser
(NT - UNIX) account name(s): (KBB\pcuser - pcuser)
***************
UNIX uid = 65534
NT membership
KBB\pcuser
KBB\KBBcomSP_ReadAccess
KBB\CDM_ITFileShare
KBB\WebBusAnalytics_Read_SP
KBB\Domain Users
KBB\CERTSVC_DCOM_ACCESS
BUILTIN\Users
User is also a member of Everyone, Network Users,
Authenticated Users
***************
Usermap.cfg file-
#mycompany\"#pcuser" <= root
mycompany\"#pcuser" <= nz
mycompany\"#pcuser#" <= biadmin
mycompany\pcuser <= spice
#mycompany\"#pcuser#" <= *
I have tried every variation of syntax on the usermap.cfg file, and cannot get the configuration I need, for all unix users to get mapped to a windows account 'pcuser'. I have validated that account has permissions, and can get to that same location via CIFS from a windows system just fine. What's even more strange is that the mount that is working is going to a similar NetApp that doesn't even have any usermap.cfg, or passwd entries. Anyone have any thoughts on this? I definately don't want to change the qtree security style to Mixed or unix.