Ask The Experts

win-unix name-mapping for multiple domains




I am trying to find documentation for when name-mapping is required based on the Windows domain they are coming from. We have multiple domains and often times users coming in from SMB to a unix security-style volume will be mapped without name-mapping in place. Other times, it is required but it seems like it is only when they come from specific other domains.


Is there any documentation that explains when name-mapping is necessary (e.g. two-way trusts, one-way trusts, or some other factor)?








I think this topic is covered in almost all ontap versions. Following KB, does a good job in explaning this concept in short. I suggest, take a look at few kbs, and see if that answeres your queries. If not, then let us know, we will try and help you out.


FAQ: Understanding name-mapping in a multiprotocol environment:


Troubleshooting Workflow: Most common issues with multi-domain search for usermapping


Enabling or disabling multidomain name mapping searches (Look for this section):

How to create and understand vserver name-mapping rules in clustered Data ONTAP

This TR is alo good, lot of examples:

Some more Kbs to refer:
How to set up Windows to UNIX user mapping over LDAP


How to access files from both Windows/CIFS and UNIX/NFS user accounts (7-mode)