CIFS Access on a NFS Volume
2020-02-10 06:52 AM
i need a hint...
I have a SVM with CIFS and NFS configured, mormal it is used für CIFS, is member of my AD and all works fine.
Now i made a small volume for NFS which is mounted on a linux host, this volume has UNIX as security style.
I can check the security on the NetApp:
cl01::*> vserver security file-directory show -vserver cl01-svm-cifs -path /cloud
File Path: /cloud
File Inode Number: 64
Security Style: unix
Effective Style: unix
DOS Attributes: 10
DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
UNIX User Id: 33
UNIX Group Id: 33
UNIX Mode Bits: 770
UNIX Mode Bits in Text: rwxrwx---
The same i see on the linux machine:
drwxr-xr-x 4 root root 4096 Sep 26 17:35 ./
drwxr-xr-x 24 root root 4096 Jan 30 06:24 ../
drwxrwx--- 8 www-data www-data 4096 Jan 31 16:56 data/
When i check in /etc/passwd or /etc/group www-data is the user and group 33.
So i created a user and group "www-data" with the ID 33 on the SVM and made a "Windows to UNIX" mapping for my user "domain\user to www-data".
When i check:
cl01::*> diag secd authentication show-creds -node cl01-01 -vserver cl01-svm-cifs -win-name domain\stefan
UNIX UID: www-data <> Windows User: DOMAIN\stefan (Windows Domain User)
Primary Group SID: DOMAIN\Domänen-Benutzer (Windows Domain group)
So, my user is mapped to www-data, and www-data has access, but why i can't access the share?
When i set the rights for data to: drwxrwxr-x i can access the share, but this is not the correct solution...
What i missed here?
3 REPLIES 3
Re: CIFS Access on a NFS Volume
2020-02-10 08:16 AM
I have always used this guide to work through permissions issues:
In particular, the security trace filters (combined with reviewing event log entries) are usually successful in helping me figure out where exactly the issue lies.