2017-06-08 08:18 AM
Just a quick question I hope. I am migrating an older ONTAP 8.2 (7-mode) filer. I believe it had SLAG enabled on a UNIX volume primarily to enable CIFS auditing.
This SLAG setup may have been present when the filer was initially at 7.x levels, but that is a guess and before my time.
I suspect that at ONTAP 9.x SLAG is not required for auditing. When I searched the CIFS and NFS Auditing guide for SLAG I found no references to SLAG.
So am I correct in believing that SLAG is nolonger required for UNIX (NFS) auditing because of the nfsv4 acls be available now ?
I would ideally like to simplify the auditing and remove the SLAG if its not needed for enabling auditing anymore.
Solved! SEE THE SOLUTION
2017-06-09 02:20 AM
Thank you for contacting NetApp communities, yes you are right SLAG is no longer needed NFS auditing.
Please check the documentation for more information :- http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-cifs%2FGUID-032F05F4-C33B-43A8-A694-3E1A5A3DCDF4.html
2017-06-09 02:45 AM
Thanks for the response, it confirms what I thought I was reading in the guides. I have been unpicking an old filer and trying to
make sense of the configuration.
Just for clarity can you confirm in the new environment ONTAP 9.1 P1 the volume is : /vol/volname security = UNIX
it is exposed to clients via NFS exports And CIFS Shares.
So if I add suitable NFSv4 ACL to the volume. I should get audit events when the share is access from either
NFS or CIFS protocals. Is that correct ?