Network and Storage Protocols

Access denied on Multi protocol SVM NFS mount

TimJMcCuen
1,137 Views

Hello,

 

I followed the SMB /CIS and NFS Multiprotocol Configuration guide for ontap 9.7

I was able to create the SVM, volume etc as the guide describes.

I am able to go to a Windows servers and successfully access the share and write to the volume.

When I log into my Red Hat Linux 7.9 client   I am able to sudo bash and do mkdir /mnt/folder

When I enter the command "mount -t nfs -o nfsvers=3,hard <data lif IP>:/test (volume name)   /mnt/folder

I get the error    mount:nfs access denied by server while running mount <SVM IP>:/test

 

 

My export is set to include the IP of the server I am trying to mount the volume test on  with access protocols  CIFS/NFS    read-only rule never, RW rule Any, Superuser access   Any.    I applied this export to to volume in the junction path.

 

Under Host users and name mapping I set Unix to Windows pattern (.+)    replacement ENG\\1       and under Windows to Unix   the pattern is ENG\\(.+) and replacement is \1.  This what is recommended to do in this manual.

 

I am no Unix guru but I have ssuccessfully set up NFS SVM's and have been able to mkdir /mnt touch files on this same Unix server.

 

Not sure where I went wrong or what other information would be helpful to troubleshoot this?   THanks.

1 ACCEPTED SOLUTION

hmoubara
948 Views
3 REPLIES 3

hmoubara
1,098 Views

Hello, 

To be able to mount via NFS you will need to have read access for the root vol and read-write for the volume in junction-path.

You can run the below command to check where the failing is occuring.

cluster1::> vserver export-policy check-access -vserver <vserver-name> -client-ip <Ip address> -volume
<volume name> -authentication-method sys -protocol nfs3 -access-type read-write

 

The below kb can help you troubleshoot the issue:

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Troubleshooting_Access_Denied_or_Mount_Hung_from_NFS_client_for_cluste...

 

Thanks 

TimJMcCuen
1,044 Views

Thank you.  This is very helpful.     I think I am getting hung up on the Name mapping    Unix to Windows and Windows to Unix.      I put in the values as described in the Multiprotocol Guide.   When I ran secd authentication show-creds -node <node name> -vserver <vserver name> -uid 0            I got the output could not find Windows name "ENG\1"      Failure: name mapping for Unix user 'root' failed.   Explicit Mapping failed and no default mapping found.       Perhaps I should change ENG\1 to something else?    Do you know of any document that describes / gives examples of Name Mapping (unix to windows, windows to unix).   Thanks.

hmoubara
949 Views
Public