Network and Storage Protocols

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

Access denied on a Pre login script on a cifs share

RENAUD_TOUILLET
‎2012-11-16 04:50 AM
5,214 Views

Hello,

We have an issue with a pre login script. Each time a user start a computer we have a script that is running (launched by a GPO) before the user log on. So basically there's no AD user that is running this script. The problem is that this script is writting a file on the NetApp share, but as there's no AD associated we have an access denied:

Fri Nov 16 13:23:41 CET [filer: sectrace.filter.denied:info]: [sectrace index: 1] Access denied because 'Write' permission (0x2) is not granted on parent directory (Access denied by the share-level ACL) - Status: 1:47249883136:32:7 - 10.166.21.114 - NT user name:  - UNIX user name: (-1) -  - Path: /vol/cifs_divers/Prg/prg/a_log/SapLogon-Update.log

How can we by pass this? We tried to put Anonymous Logon on the share and the NTFS permission, but it's still not working. Do we need to change someting on the usermap?

Many thanks for your help.

Renaud

0 Kudos
View By:
1 ACCEPTED SOLUTION
5 REPLIES 5

ogra
NetApp
‎2012-11-16 11:26 AM
5,214 Views

Well it said : (Access denied by the share-level ACL)

Have you checked your Share level permissions ? Can you provide the output for cifs shares <share-name-you are referring to>

Thanks!

0 Kudos

RENAUD_TOUILLET
‎2012-11-18 11:24 PM
In response to ogra
5,215 Views

Hello Ogra,

Well ok but which user should be added as no NT user is passed on the connexion??

...  NT user name:  - UNIX user name: (-1) -  - Path: /vol/cifs_divers/Prg/prg/a_log/SapLogon-Update.log

On the share ACL we tried to add "Anonymous Logon" but I think (-1) in unix world match "Nobody". Is it correct? How can we translate this in the NT world?

Thanks!

0 Kudos

ogra
NetApp
‎2012-11-19 10:51 PM
In response to RENAUD_TOUILLET
5,215 Views

From what I understand you are trying to map Unix User to NT user ? Is that correct ?

RENAUD_TOUILLET
‎2012-11-19 11:05 PM
In response to ogra
5,215 Views

Hello Ogra,

Yes exactly. And it's what we finally did. Map the "Null" NT user to a Unix user, so we can access our volume even if no NT user was passed. We created a new Unix user and in the usermap.cfg we added:

192.168.0.0/255.255.0.0:"" => newunixuser

Now the script is able to write on the filer.

Many thanks for your help.

Regards.

Renaud

0 Kudos
Announcements
All Community Forums
Public