https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68236#M6247 <HTML><HEAD></HEAD><BODY><P>Hi!</P><P></P><P>I'm trying to access our filer in a way that gives me full access to a NTFS-mounted CIFS-share to take a normal file level backup through \\filer\volume</P><P></P><P>We have a qtree, e.g /vol/files, with NTFS-style permissions and a CIFS share mounted on the qtree (\\filer\files). We want to backup this CIFS share from a dedicated machine, with something similar to root-privileges in Unix.</P><P></P><P>Is there a way to map a Domain User to a local filer super-user to make this happen? I'm not very familiar with WAFL and user administration on the filer, and how the different types of users are connected to e.g CIFS access.</P><P>After several hours of googling I've discovered that there is a Backup Operators group on the filer, but this only applies to NDMP?</P><P></P><P>I've tried mapping the backup user to root and Administrator in /etc/usermap.cfg, but still no luck. cifs.trace_login is enabled, and I can see the user logging in and getting mapped to root/Administrator/whatever I tell it to in the usermap file.</P><P></P><P>Is this even possible?</P></BODY></HTML> Thu, 05 Jun 2025 07:18:42 GMT mss 2025-06-05T07:18:42Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68236#M6247 <HTML><HEAD></HEAD><BODY><P>Hi!</P><P></P><P>I'm trying to access our filer in a way that gives me full access to a NTFS-mounted CIFS-share to take a normal file level backup through \\filer\volume</P><P></P><P>We have a qtree, e.g /vol/files, with NTFS-style permissions and a CIFS share mounted on the qtree (\\filer\files). We want to backup this CIFS share from a dedicated machine, with something similar to root-privileges in Unix.</P><P></P><P>Is there a way to map a Domain User to a local filer super-user to make this happen? I'm not very familiar with WAFL and user administration on the filer, and how the different types of users are connected to e.g CIFS access.</P><P>After several hours of googling I've discovered that there is a Backup Operators group on the filer, but this only applies to NDMP?</P><P></P><P>I've tried mapping the backup user to root and Administrator in /etc/usermap.cfg, but still no luck. cifs.trace_login is enabled, and I can see the user logging in and getting mapped to root/Administrator/whatever I tell it to in the usermap file.</P><P></P><P>Is this even possible?</P></BODY></HTML> Thu, 05 Jun 2025 07:18:42 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68236#M6247 mss 2025-06-05T07:18:42Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68243#M6248 <HTML><HEAD></HEAD><BODY><P>Hi</P><P></P><P>Welcome to the community.</P><P></P><P>Please take a step back and describe how you are trying to backup?&nbsp; A windows server via a \\filer\root volume path...</P><P></P><P>We use HP Data Protector and CommVault with the NDMP plug in to backup the data from the filer to tape.&nbsp; This works great and is very fast.</P><P></P><P>However if you want to pull the data over the network via a share you need to create a CIFS share of the volume and then ensure the windows NTFS security on each file and folder has the correct permissions.&nbsp; Manage via a windows host and the MMC pointed at your filer but can use NetApp cli if you want.&nbsp; You may need to take ownership of the NTFS permissions 1st, via the domain admin account.&nbsp; This is all very messy and does not scale well, so recommend you pay the cash for the NDMP plug in for your backup app.</P><P></P><P>Hope this helps</P><P></P><P>Bren</P></BODY></HTML> Thu, 11 Feb 2010 12:37:11 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68243#M6248 BrendonHiggins 2010-02-11T12:37:11Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68251#M6250 <HTML><HEAD></HEAD><BODY><P>If you are backing up over CIFS, the local "Backup Operators" group should work.&nbsp; So you'd put the user that is doing the backup into that local group and you should get what you want.</P><P>But like was stated, this assumes you are doing backups over CIFS.&nbsp; NDMP doesn't worry about this kind of stuff.</P></BODY></HTML> Thu, 11 Feb 2010 17:02:15 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68251#M6250 adamfox 2010-02-11T17:02:15Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68259#M6252 <HTML><HEAD></HEAD><BODY><P>Thanks guys!</P><P></P><P>I ended up upgrading our backup software so NDMP would work, file level backups over CIFS is too much hassle <SPAN __jive_emoticon_name="wink" __jive_macro_name="emoticon" class="jive_macro jive_emote" src="https://community.netapp.com/images/emoticons/wink.gif"></SPAN></P><P></P><P>-Halvor</P></BODY></HTML> Fri, 12 Feb 2010 07:50:05 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Bypass-NTFS-ACL-on-a-CIFS-share-to-take-file-level-backups/m-p/68259#M6252 mss 2010-02-12T07:50:05Z