Network and Storage Protocols
Network and Storage Protocols
I have a system configured for multi protocol CIFS. A windows user coming from a windows client accessing an ntfs style qtree via a cifs share is being mapped to a unix user (and failing as I have not setup usermap.cfg / passwd etc etc), is this correct? My understanding was a mapping would only take place if the qtree was of unix security with unix perms.
Solved! See The Solution
Yes, NetApp still performs user mapping and it must succeed (i.e. – valid Unix user name must be found). By default, wafl.default_unix_user is set to “pcuser” and “pcuser” exists in /etc/passwd by default. So mapping succeeds. It does not actually matter, which user CIFS user is mapped to, because this user is not used for any permissions checking.
Verify that wafl.default_unix_user is set and user it is set to exists /etc/passwd and /etc/passwd is used for user name resolution.
Make this option is set to "on". This should be configured at the Filer level. Also make sure you have right qtree security configured on the volume where you are doing your cifs shares.
options cifs.ntfs_ignore_unix_security_ops on
Enable this option do a cifs terminate and cifs restart and give it another try.
Hmm … this option actually applies to NFS client, accessing NTFS qtree, not to CIFS users accessing NTFS qtree. I wonder, whether setting it changes anything.
Just out of curiosity I did try this, without success.
Yes, NetApp still performs user mapping and it must succeed (i.e. – valid Unix user name must be found). By default, wafl.default_unix_user is set to “pcuser” and “pcuser” exists in /etc/passwd by default. So mapping succeeds. It does not actually matter, which user CIFS user is mapped to, because this user is not used for any permissions checking.
Verify that wafl.default_unix_user is set and user it is set to exists /etc/passwd and /etc/passwd is used for user name resolution.
Thanks for this - All sorted now.