Active IQ Unified Manager Discussions

Security enabled mail groups are not working

philhu

I have a NetApp unit:

Booted primary firmware version 2.2.2P2
Booted primary ACP version 01.21
Primary firmware version 2.2.2P2
Primary ACP version 01.21
Backup firmware version 2.2.2P2
Backup ACP version 01.21

 

Model:
FAS2520
System ID:
0xxxxxxxx
Version:
NetApp Release 8.2.2 7-Mode
Uptime:
98 days 5 hours 38 minutes
Compliance Clock Time:
NA

 

I have setup a qtree as a share.  The unit has joined AD and uses domain authentication.  I had built 2 security groups.  One an AD group and one a Security-enabled Mail Group.  The first is maintained by the corporation, the second by us.

 

The first works fine.  The second can be added, but security doesn't work from it.  I tried to setup the Security Mail Group  as share permissions level.  It seems to be ignored

Example, putting a user in that group, removing permission for 'everyone' results in 'access denied'.  Putting the user in the permissions directly works fine

 

The group is defines as a 'Universal' group, with it's AD string shown here (sections redacted):

dn:CN=MG-MDT-BMC-SHARE,OU=Distribution,OU=GROUPS,DC=domain,DC=ads,DC=company,DC=com

>groupType: -2147483640 [UNIVERSAL(8);SECURITY(2147483xxx)]

 

The question is why will it not work?

 

 

0 REPLIES 0
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

Public