Network and Storage Protocols

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

CIFS Share no write acess but can read

Netapp_maniac
‎2021-08-17 09:38 AM
9,606 Views

Hey Techies ,

 

I have created a cifs share with default permission  of user/group -Everyone with FUll control . but then i see that i can access the folder but unable to write anything in the folder . Volume 's security style is mixed type.

 

Deets -

Created a vol1 of mixed security-style

Created a export-policy rules and applied to the vol1

Created a cifs share on vol1 , and created ACL's on it .

I am not able to understand where i am going wrong .because vol1 is accessible but unable to write.

 

Can someone help me here to get this fixed .

I am using -NetApp Release 9.8RC1 

 

Thanks in advance

 

0 Kudos
14 REPLIES 14

pedro_rocha
‎2021-08-17 10:46 AM
9,593 Views

mixed is a must?

0 Kudos

Netapp_maniac
‎2021-08-18 03:26 AM
In response to pedro_rocha
9,523 Views

Is there any other way that both CIFS and NFS clients can access same share ?

0 Kudos

aladd
NetApp
‎2021-08-18 03:32 AM
In response to Netapp_maniac
9,526 Views

You can have both access the same share. it may be necessary to implement name mapping to do so.

 

You can reference the guide that was mentioned earlier:

 

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.exp-multp-cg/SMB-CIFS%20and%20NFS%20multiprotocol%20express%20configuration.pdf

 

Can you specify the ACLs you set up earlier?

0 Kudos

pedro_rocha
‎2021-08-18 06:31 AM
In response to Netapp_maniac
9,505 Views

as @aladd  said... name mapping and set it to NTFS or UNIX depending from where the majority of the users connect

0 Kudos

tduran12165
‎2021-08-17 02:18 PM
9,576 Views

Howdy,

 

Not sure what your export-policy looks like, but did you verify these settings?  (These are sample settings below)  

  • Read-only access: To clients using NTLM or Kerberos authentication
  • Read-write access: To clients using Kerberos authentication
0 Kudos

aladd
NetApp
‎2021-08-17 07:04 PM
9,564 Views

What ACLs did you set up on it?

 

Also, when you attempt to write, what is the failure message and secd output? (example for secd output after a failed attempt ::>event log show -event *secd*)

0 Kudos

Netapp_maniac
‎2021-08-18 02:34 AM
In response to aladd
9,531 Views

When i attempt to write its says" you need permission for this action"

 

0 Kudos

Netapp_maniac
‎2021-08-18 04:37 AM
In response to aladd
9,515 Views

I ran this command - " vserver sectrace trace-result show " and below is the error if you could help here ?

 

Access is denied by UNIX
permissions while creating
the directory. Access is not
granted for: "Synchronize",
"Read Control", "Read
Attributes", "Execute", "Read
EA", "Append", "Read"

 

0 Kudos

aladd
NetApp
‎2021-08-17 07:07 PM
9,561 Views

This also depends on if you are attempting to mount it on a Linux client or access through an NTFS client.

 

See the following for failures in Linux clients.

 

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Linux_client_mounts_CIFS_share_fails_with_error_%22write-protected%2C_...

 

For additional information on CIFS shares and multi-client access.

 

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_troubleshoot_CIFS_share_and_export_policy_access_permissions

0 Kudos

Netapp_maniac
‎2021-08-18 01:22 AM
In response to aladd
9,535 Views

i am unable to view this page -it say's "you dont have permission to view this page "

 

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_troubleshoot_CIFS_share_and_export_policy_access_permissions

0 Kudos

aladd
NetApp
‎2021-08-18 02:07 AM
In response to Netapp_maniac
9,532 Views

Sorry about that, I have sent an incorrect link. However @DarrenJ has sent you some helpful links concerning configuration that may be of use as well.

 

 

You may also find this helpful:

 

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Troubleshooting_CIFS_or_SMB_access_denied

 

 

DarrenJ
NetApp
‎2021-08-17 07:17 PM
9,561 Views

What kind of client is trying to access this? If it's strictly Windows/CIFS, you don't need an export policy on the volume at all, and ideally would want NTFS file system rather than mixed.

 

Few useful links maybe.

 

CIFS Express Configuration Guide ( Just Windows/CIFS clients)

 

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.exp-cifs-cfg/SMB-CIFS%20configuration%20express.pdf

 

MultiProtocol Express Configuration Guide

 

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.exp-multp-cg/SMB-CIFS%20and%20NFS%20multiprotocol%20express%20configuration.pdf

Netapp_maniac
‎2021-08-18 02:33 AM
In response to DarrenJ
9,529 Views

I need both type of client to access this share 

0 Kudos

Ashun
Monday
125 Views

Not sure if the same is true, or may be taken as a reference
When I use cifs share (security style is unix), I will change the Unix-Permissions field to --rwxrwxrwx to ensure that I can read and write

Once I created three vol, the security style was ntfs, unix, mixed, and cifs share was created.
The export-policy rules are 0.0.0.0/0
An ACL is Everyone/Full Control
I accessed three shares on Windows, and the situation was: ntfs can read and write, unix and mixed can read but not write, I checked all the factors that can affect permissions, and when I changed the volume field Unix-Permissions to --rwxrwxrwx, the shares could read and write immediately

0 Kudos
Announcements
All Community Forums
Public