General Discussion

Disable NFS name mapping?



I'm urnning ONTAP 9.6 in our FAS2750. My ONTAP is integrated with our AD domain.

Now I'm creating a new NFS share. I've create volume called "xen_vms" and set security style to "UNIX".

The problem is that I can't mount this NFS (in any client, either windows or linux) if I don't fill "Default Windows User" in my NFS configuration (inside my SVM). If I fill this field with, for example, "Administrator" (an user from my domain), everything works fine.

I had the same problem some days ago, when all my AD servers was down for maintenance....and this is my convern.....when all my AD servers are down, I can't use my NFS share. So my questions is: is there any way to disable this 'feature' for NFS? I mean, automatic name mapping for NFS.

This is the error (with AD servers online, but field "Defailt Windows User" empty):

secd.nfsAuth.noNameMap: vserver (FEARP_01) Cannot map UNIX name to CIFS name. Error: Get user credentials procedure failed [ 2085] Determined UNIX id 0 is UNIX user 'root' [ 2085] Mapping Successful for Unix-user 'root' to Windows user 'FEA-RP\root' at position 1 [ 2086] Successfully connected to ip 143.X.Y.Z, port 445 using TCP [ 2094] Successfully authenticated with DC julia.fea-rp.local [ 2099] Could not find Windows name 'FEA-RP\root' **[ 2099] FAILURE: Name mapping for UNIX user 'root' failed. Explicit Mapping failed and no default mapping found

And this was the error while my AD servers was offline (some days ago)




I think I found the solution!

vserver nfs modify -vserver vserver_name -ignore-nt-acl-for-root enabled

This did the trick and now I can mount, even without "Default Windows User"  defined in SVM.


NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner