2015-11-04 07:54 AM
We have an application that uses NetShareSetInfo (information level 502) that manages share permissions on Windows servers. Also works on NetApp appliances. Code has been around over 15 years...no changes.
Recently, several customers have reported an issue when using the latest version of OnTap, the resulting share permisisons are all set to DENY after calling this function to modify the share permissions. This function works fine on real Windows Servers (all versions), and presumably has worked on previous versions of OnTap. The end result is immediate loss of the connection to the share and is very disruptive (ie very BAD) for customers.
Would like to work with someone at NetApp on identifying the cause, any workarounds, etc. that can be used to address this issue ASAP.
2015-11-04 02:10 PM
An update, we tried using information level 1501 to just set the security descriptor on a share, and got the same results: all security information is changed to DENY. Something is happening that is causing ONTAP to change all ACEs in a security descriptor to DENY. This seems to be new bahavior in the latest release, and does not happen under Windows.