ONTAP Discussions

Add a Netapp local user to a CIFS share

JJGALLIHER
12,514 Views

I am running Netapp 9.0P3.   I have a need to use a non Active Directory user (local user).   I have defined a local user on the filer.   I go into the Windows Security tab on the share and select Edit to add a new user.   I select the IP address of the filer and enter the local user name but Windows gives me a message the user can not be found.   Does anyone have an idea on how to make this work or if this is possible?   I am working with netapp support but the resource I am working with is unavailable until Monday.   Thanks

 

1 ACCEPTED SOLUTION

mbeattie
12,446 Views

Hi,

 

What's the case number? I did test it for you in my lab using an ONTAP 9.1 simulator and i was able to set the NTFS permissions for a CIFS share to a local user.

 

 

cluster1::> cifs users-and-groups local-user create -user-name data_admin -is-account-disabled false -vserver vserver1 -description "Data Administrator"

Using windows explorer browse to the CIFS share then peform the following actions:

 

  • right click properties
  • click the security tab
  • click edit\add\location
  • Change the location to the local vserver and click ok
  • type the local cifs username, click the 'checknames' button and ok
  • Set the NTFS permission for the local user.

 

EG:

 

ntfs.png

 

Note: If you have used the "security login create" command (EG below), then you will NOT be able to add that user to the NTFS permissions of your CIFS share.

Use the "cifs users-and-groups local-user create" command (EG above) instead.

 

cluster1::> security login create -user-or-group-name data_admin -application ontapi -authentication-method password -role vsadmin-volume -vserver vserver1
cluster1::> security login create -user-or-group-name data_admin -application http -authentication-method password -role vsadmin-volume -vserver vserver1
cluster1::> security login create -user-or-group-name data_admin -application ssh -authentication-method password -role vsadmin-volume -vserver vserver1

 

Once you've created the user using the "cifs users-and-groups local-user create" command you should then be able to browse it using computer management (compmgmt.msc) EG

From a command prompt type compmgmt.msc to open computer management, Right click on "Computer management" and select "connect to another computer" and type the CIFS vserver name and click ok then browse the local users and groups. Is the user account you created visable? EG

 

compmgmt.png

 

Hope this helps?

 

/Matt

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

1 REPLY 1

mbeattie
12,447 Views

Hi,

 

What's the case number? I did test it for you in my lab using an ONTAP 9.1 simulator and i was able to set the NTFS permissions for a CIFS share to a local user.

 

 

cluster1::> cifs users-and-groups local-user create -user-name data_admin -is-account-disabled false -vserver vserver1 -description "Data Administrator"

Using windows explorer browse to the CIFS share then peform the following actions:

 

  • right click properties
  • click the security tab
  • click edit\add\location
  • Change the location to the local vserver and click ok
  • type the local cifs username, click the 'checknames' button and ok
  • Set the NTFS permission for the local user.

 

EG:

 

ntfs.png

 

Note: If you have used the "security login create" command (EG below), then you will NOT be able to add that user to the NTFS permissions of your CIFS share.

Use the "cifs users-and-groups local-user create" command (EG above) instead.

 

cluster1::> security login create -user-or-group-name data_admin -application ontapi -authentication-method password -role vsadmin-volume -vserver vserver1
cluster1::> security login create -user-or-group-name data_admin -application http -authentication-method password -role vsadmin-volume -vserver vserver1
cluster1::> security login create -user-or-group-name data_admin -application ssh -authentication-method password -role vsadmin-volume -vserver vserver1

 

Once you've created the user using the "cifs users-and-groups local-user create" command you should then be able to browse it using computer management (compmgmt.msc) EG

From a command prompt type compmgmt.msc to open computer management, Right click on "Computer management" and select "connect to another computer" and type the CIFS vserver name and click ok then browse the local users and groups. Is the user account you created visable? EG

 

compmgmt.png

 

Hope this helps?

 

/Matt

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Public