ONTAP Discussions

Unable to access CIFS share sub-folders due own by "Creator Owner"

jeffbilbro
5,348 Views

We have a very large CIFS share (approx. 300,000 files, 3TB). Some of the sub-folders have become owned by "Creator Owner". Even with full administrative rights we are unable to change security permissions on these folders or take ownership.

We have tried the takeown.exe, ICACLS.exe, SetACL.exe (third-party) commands without success. 'Access Denied' is the result. We have also tried accessing the shares on the NetApp via Windows Computer Management.

We have tried removing the CIFS share and changing the security style of the qtree to Unix and then via an NFS export running chown and chmod to give root ownership and full access. We have also tried copying the data to a new qtree via NFS. No luck with any of this. When a new CIFS share is created, the bad NTFS security permissions are remembered and access is denied.

Any advice on how to remove or change the NTFS security permissions would be appreciated. Ideally, we would like to grant Administrator or Domain Admins ownership and full access to all folders and files.

We are running Data ONTAP Release 8.0.2P3 7-Mode

1 REPLY 1

danekantner
5,348 Views

I've seen this pop up now and then in our environment and normally can just reclaim ownership.  But right now I have a user's directory where it's CREATOR OWNER and won't let me take ownership.  The file permissions themselves have "everyone" set to "read and execute" only as well as one specific user w/ the same permissions.. Can't add permissions, etc.  These particular files are very old and have been migrated across 4 NetApp environments at this point.  I think the problem may have originated on the last environment, and the NDMP copy doesn't care what the NTFS permissions are so it replicated the problem to the new system in these cases?  (though, I don't know that for sure.)

I don't think it has much to do with CIFS shares permissions vs NTFS, it looks like NTFS has become corrupt somehow to me, or I've removed the level of permissions needed to be able to manage them. I was under the impression that ownership should be changeable either way, so it looks like some sort of corruption to me.

Public