Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have setup a dual protocol volume using azure netapp files. After setup, we are having some issues regarding permissions.
- ANF is connected to our AD
- Volume security is set to UNIX
When we create a folder on linux the folder gets the user/group added. When you try and access that same folder from windows you get access denied, even if you were the one to create the folder. The only way to get access is to set the folder to 777. Also when we create a folder on the windows side the unix permissions shows as NFSNOBODY, however it is open to anyone.
Maybe this is a LDAP issue, but we haven't been able to pin point what the exact issue is.
2 REPLIES 2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Most likely the user is being mapped to unix user "pcuser 65534". LDAP is not configured or LDAP is not reachable.
To verify the mapping is working as intended, you can use the following commands:
Cluster1::> set -privilege advanced
Cluster1::*> vserver services access-check name-mapping show -node [node_name] -vserver [vserver_name] -direction win-unix -name [user_name]
How to configure LDAP Authentication for Cluster (Admin) SVM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Seems that it is a usermap issue but with ANF you don't have access to ONTAP Cli to check with the above cmds..
Anyway, to allow local unix user or correct name translation, you will need to tick the "Allow local NFS users with LDAP" box and obviously enrich LDAP users with UID and GID in the LDAP Posix Attributes.
it is pretty well documented here : https://docs.microsoft.com/en-US/azure/azure-netapp-files/create-volumes-dual-protocol
Look for the section :
Allow local NFS users with LDAP to access a dual-protocol volume
BR
David BENADIBA
