Network Storage Protocols Discussions

people dosn't got all their group while browsing a unix atree on windows




I have some people but not all who have problem when browsing a directory in an unix volume from windows 


The configuration is based on an active directory.

when i run 


diag secd authentication show-creds -win-name PC\gsamson -node cns_n03 -vserver cns_svm_01

 UNIX UID: gsamson <> Windows User: PC\gsamson (Windows Domain User)

 GID: g_gsamson
 Supplementary GIDs (partial):

 Windows Membership:
  PC\g_smb (Windows Domain group)
  PC\g_metabo (Windows Domain group)
  PC\g_wanda (Windows Domain group)
  PC\g_info (Windows Domain group)
  PC\g_lisdev (Windows Domain group)
  PC\g_vigne (Windows Domain group)
  PC\g_tara (Windows Domain group)
  PC\g_principal_cns (Windows Domain group)
  PC\g_extprj (Windows Domain group)
  PC\g_dosage (Windows Domain group)
  PC\g_sybase (Windows Domain group)
  PC\g_submit (Windows Domain group)
  PC\g_cloacadata (Windows Domain group)
  PC\g_cns (Windows Domain group)
  PC\g_atelier (Windows Domain group)
  PC\g_urza (Windows Domain group)
  PC\g_cnsnglapps (Windows Domain group)
  PC\g_gsamson (Windows Domain group)
  PC\g_lims_adm (Windows Domain group)
  PC\Utilisa. du domaine (Windows Domain group)
  BUILTIN\Users (Windows Alias)
 User is also a member of Everyone, Authenticated Users, and Network Users

 Privileges (0x2080):

we can see that the used gsamson doesn't receive all her groups from the AD. 

in a unix machine based on the AD we got all the groups 


uid=1202(gsamson) gid=1202(g_gsamson) groupes=1202(g_gsamson),502(g_cns),106(g_sybase),507(g_wanda),529(g_cloacadata),128(g_extprj),545(g_tara),127(g_vigne),501(g_info),522(g_metabo),544(g_smb),102(g_atelier),2665(g_principal_cns),1357(g_lims_adm),1477(g_urza),1970(g_cnsnglapps),539(g_submit),542(g_dosage),556(g_lisdev)

the stange things is trhat thet netapp has the fallowing messages


 Supplementary GIDs (partial):

and that s true the list is partial.

how can i get all the gid list? 







I had an identical issue with AFF running 9.5. One day everything OK, the next some users lost their Supplementary GIDs listings and consequently access to their shares. I had to reboot the node in question.

Any idea why this happens, how to fix it non-disruptively,  and how to avoid it alltogether?




NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner