NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

Active IQ Unified Manager Discussions

Security enabled mail groups are not working

philhu
2,428 Views

I have a NetApp unit:

Booted primary firmware version 2.2.2P2
Booted primary ACP version 01.21
Primary firmware version 2.2.2P2
Primary ACP version 01.21
Backup firmware version 2.2.2P2
Backup ACP version 01.21

 

Model:
FAS2520
System ID:
0xxxxxxxx
Version:
NetApp Release 8.2.2 7-Mode
Uptime:
98 days 5 hours 38 minutes
Compliance Clock Time:
NA

 

I have setup a qtree as a share.  The unit has joined AD and uses domain authentication.  I had built 2 security groups.  One an AD group and one a Security-enabled Mail Group.  The first is maintained by the corporation, the second by us.

 

The first works fine.  The second can be added, but security doesn't work from it.  I tried to setup the Security Mail Group  as share permissions level.  It seems to be ignored

Example, putting a user in that group, removing permission for 'everyone' results in 'access denied'.  Putting the user in the permissions directly works fine

 

The group is defines as a 'Universal' group, with it's AD string shown here (sections redacted):

dn:CN=MG-MDT-BMC-SHARE,OU=Distribution,OU=GROUPS,DC=domain,DC=ads,DC=company,DC=com

>groupType: -2147483640 [UNIVERSAL(8);SECURITY(2147483xxx)]

 

The question is why will it not work?

 

 

0 REPLIES 0
Public