Ask The Experts

Name mapping

singamreddy
2,607 Views

Hi all,

we are facing a issue with name-mapping ( not sure). we have provide a vol(NTFS)/qtree(NTFS) to windows team, then they mount that and craete as /export/dir. now, the linux team is try to access the /export/dir . they are able to mount the path , but  not able to access the path which is showing permission denied . from netapp end we have done the name mapping from unix to windows.  can anyone help me in this case. 

1. do we have to add /root also in name mapping?

2. do we have to check the /export/dir permissions in windows level?

3.do we have to change the security style for the vol  from NTFS to UNIX ?

 

 

1 ACCEPTED SOLUTION

CvetAlek
2,577 Views

Hi,

For better understanding, we will need more data about the issue and details of your system like, ONTAP version, logs related to the issue and maybe packet trace. But, i will try to answer your questions:

 

First thing that needs to be distinguished is to determine if you have correctly configured export policies.
You can check that with following command:  vserver export-policy check-access
https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-cmpr-900/vserver__export-policy__check-access.html


1. If I correctly understand, you are asking about user root. If the user who is accessing the export is root, than, yes you need to map user root to Windows user who has the expected permission.

 

2. This is NTFS security style as I understand. So in that case you need to have proper NTFS permission to access the export.

    You can check permission from Windows for the share, but also you can check permission of the share from ONTAP with this command:  vserver security file-directory show.

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-cmpr-900/TOC__vserver__security__file-directory__ntfs.html

 

3. In both cases either NTFS or UNIX security style you can allow access to Windows and Linux users.

    The best practices to choose security style is described in documentation
    https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-nfs%2FGUID-00DA93A7-6A41-4DA8-87A8-1DCC91061599.html

View solution in original post

2 REPLIES 2

CvetAlek
2,578 Views

Hi,

For better understanding, we will need more data about the issue and details of your system like, ONTAP version, logs related to the issue and maybe packet trace. But, i will try to answer your questions:

 

First thing that needs to be distinguished is to determine if you have correctly configured export policies.
You can check that with following command:  vserver export-policy check-access
https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-cmpr-900/vserver__export-policy__check-access.html


1. If I correctly understand, you are asking about user root. If the user who is accessing the export is root, than, yes you need to map user root to Windows user who has the expected permission.

 

2. This is NTFS security style as I understand. So in that case you need to have proper NTFS permission to access the export.

    You can check permission from Windows for the share, but also you can check permission of the share from ONTAP with this command:  vserver security file-directory show.

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-cmpr-900/TOC__vserver__security__file-directory__ntfs.html

 

3. In both cases either NTFS or UNIX security style you can allow access to Windows and Linux users.

    The best practices to choose security style is described in documentation
    https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-nfs%2FGUID-00DA93A7-6A41-4DA8-87A8-1DCC91061599.html

RajeshPanda
2,485 Views

@singamreddy  can you please look into the response given by our experts?

 

If any of the above response helped you solve your query then please Accept as Solution, this will help others with the same query.

Public