Network and Storage Protocols

CIFS share root access / force user samba equivalent

JBD_LONGUSERNAME
4,879 Views

Hello everybody,

I'm using NetApp Release 7.3.5.1.

I'm using ldap authentication and unix permissions only, no windows acl. I would like to access my CIFS shares with a "super user" that can access everything.

For example, here is a directory listed through NFS :

drwxrws---   10 root   Vmv  12288 Feb 22 12:18 Vmv

The permissions are 2770, you have to be in the Vmv group to access it, through NFS or CIFS.

This is the corresponding cifs share :

filer> cifs shares Vmv

Name         Mount Point                       Description

----         -----------                       -----------

Vmv          /vol/myvolume/Vmv                

             ... forcegroup=Vmv

                        Vmv{g} / Full Control

Samba offers a "force user" directive which is exactly what I need :

  force user (S)

           This specifies a UNIX user name that will be assigned as the default user for all users connecting to this service. This is useful for sharing files. You should also use it carefully as using it

           incorrectly can cause security problems.

           This user name only gets used once a connection is established. Thus clients still need to connect as a valid user and supply a valid password. Once connected, all file operations will be

           performed as the "forced user", no matter what username the client connected as. This can be very useful.

Is there a NetApp equivalent ? If not, is there a way to achieve what I want ? I could add myself to the Vmv group, but I could have some files under the Vmv directory not accessible to the Vmv group. And I have got thousands of shares with different groups. Basically, I just want a "super user" cifs access 😃

Regards,

Jean-Baptiste

3 REPLIES 3

brauntvr2swiss
4,879 Views

Hi Jean-Baptiste

Do you have a Solution for this founded? We have the same challange at our site.

TIA

Thomas

netapphamburg
4,879 Views

Hello,

we have the same challenge. Is there a solution? (Ontap 8.2 7-Mode)

Regards,

Joerg

kodavali
4,879 Views

there is no force user kind of functionality, but you can use -forcegroup" functionality for CIFS access. set the necessary permissions to the UNIX group on the directory or volume. configure that group as "-forcegroup" on the share.

Public