Network and Storage Protocols

CIFS Homedir hidden shares and username change

brandonrjackson
8,101 Views

We have replicated this issue on two separate NetApp 2020s at this point.  We have the homedir setup as hidden shares, and when you create a new user (and the home directory folder), the user can successfully map to \\filer\username$.  So that is working perfectly.

However, when a user changes their user ID (i.e. marriage or divorce), it takes up to 48 hours for the new \\filer\username$ mapping to be accessible by the user.  We change the user ID in Active Directory (along with display name), and change the folder name on the Home Directory share to match the new username.  After doing this, the user cannot map to the new directory name until a couple of days has past.  The user can successfully use other CIFS shares during this time.

From the NetApp, if we run cifs homedir showuser username  and it does show the association to the new folder name, so we know it at least sees that the ID has changed.  However, the hidden share will not work.  Additionally, if you look at the security of the directory folder, the display name for the user object still shows the old user display name.  Running cifs homedir load -f does not seem to help.

Is there another command that will make the NetApp associate the new hidden share correctly?  Thanks for any responses to this!

Brandon

1 ACCEPTED SOLUTION

BrendonHiggins
8,101 Views
5 REPLIES 5

BrendonHiggins
8,102 Views

Hi, welcome to the community.

I think caching is your issue.

http://now.netapp.com/NOW/knowledge/docs/ontap/rel707/html/ontap/cmdref/man1/na_cifs_sidcache.1.html

Hope it helps

Bren

brandonrjackson
8,101 Views

This was exactly my issue! (i just didn't know how to fix it).  Using the KB article you provided, I was able to use the command cifs sidcache clear user username to manually clear the cache.  The next time the user logged in the home directory mapping was updated successfully.  I also used the options cifs.sidcache.lifetime option to change the value slightly to more accurately reflect the use.  Is there any danger to setting this value "too low" (I set it to 720 minutes)?  Thanks for your help with this!

Brandon

BrendonHiggins
8,101 Views

Sorry do not know the answer to that one.

Bren

jb2cool01
8,101 Views

BrendonHiggins wrote:

Sorry do not know the answer to that one.

Bren

never thought i'd see the day.

BrendonHiggins
8,101 Views

It is an age thing. All down hill from here I am told.

Fancy a trip up North? Hosting the VMUG event on the 13th of April. Like to site here. http://www.vmug.org.uk/index.php?option=com_seminar&Itemid=5

Bren

Public