Hi all
I’m afraid I don't have a lab available to do the tests myself, but I want to raise a few points in order to get the correct framing.
1. The right tool in ONTAP to follow any “access denied” is the sectrace tool, I think it should be used first to understand if it’s a true access issue that ONTAP is also aware of - or not:
https://kb.netapp.com/app/answers/answer_view/a_id/1071847/loc/en_US
at that point – please also provide the ONTAP version (the “version” command should work), and look for any events in the system log during the time of the move-item (event show command).
2. If sectrace not giving us much. I think it will be good to keep it recording, and also get a packet trace at the same time to see what the client is asking the storage to do, as in general the client and PS command doesn’t know the difference from qtree to volume (see exception below). The packet trace can be collected from the NetApp (search pktt) or from the client using tools like Wireshark or “netsh trace”. I think its worth also to take traces to compare a normal windows cut-paste (assuming that cut-paste working as expected), and move scenarios that you descried that do work for you.
3. One exception we might see in the packet trace is ODX (copy offload). I don’t think ODX should be utilized within the same volume (it should just use the built-in and old school smb-move command). The problem with ODX is that there’s dozens of cases where it’s not supported/working – so if it does get utilized - we might hit one of these cases.
If we get a packet trace we can look for the ODX commands with the following filters:
smb2.cmd == 11 <<<<gives you all the FSCTL….look for OFFLOAD
smb2.ioctl.function == 0x00094264 <<<gives you FSCTL_OFFLOAD_READ
smb2.ioctl.function == 0x00098268 <<<gives you FSCTL_OFFLOAD_WRITE
(Taken from this kb: https://kb.netapp.com/app/answers/answer_view/a_id/1006170)
If we do see ODX being involved. I think it’s worth trying to disable it, reboot the windows client, and see what’s happens.
vserver cifs options show -vserver vserver_name -fields copy-offload-enabled
vserver cifs options modify -vserver vserver_name -copy-offload-enabled false
4. If you get to a dead-end, We need as much information documented so whoever try to reproduce it compare apples to apples - from windows I think we need the following output from PowerShell :
Get-Command Move-Item|ft Version
get-host|ft Version
gwmi Win32_OperatingSystem|ft Caption,version
Get-HotFix|ft HotFixID
fltmc instances
Get-ItemProperty hklm:\system\currentcontrolset\control\filesystem -Name "FilterSupportedFeaturesMode" | ft F*
Gidi