Network and Storage Protocols

NTFS style qtree with NFS export

JOSHBAIRD
4,008 Views

I have a NTFS style qtree that is accessed by Windows users.

I also have an NFS export configured on this same qtree, and use a mapping in usermap.cfg to map a UNIX UID to Windows which allows the UNIX user access to the NFS export:

domain\user <= unixuser

This works great and allows "unixuser" access to the NFS export on the UNIX machine.  However, I now need to allow multiple UNIX users access to this NFS export.  How can I do this?  I'm not able to map groups, and I don't think I can map one Windows user to multiple UNIX users. 

Any ideas?

4 REPLIES 4

JGPSHNTAP
4,008 Views

This is known as a mixed mount which are wonderful.   Just get the UID from the unix users and add them to the passwd file.  Are these other users AD as well, b/c if so you want to make sure your unix id nad AD account matches

aborzenkov
4,008 Views

Отправлено с iPhone

12 марта 2014 г., в 21:17, "JGPSHNTAP" <xdl-communities@communities.netapp.com<mailto:xdl-communities@communities.netapp.com>> написал(а):

<https://communities.netapp.com/index.jspa>

Re: NTFS style qtree with NFS export

created by JGPSHNTAP<https://communities.netapp.com/people/JGPSHNTAP> in Data ONTAP - View the full discussion<https://communities.netapp.com/message/126999#126999>

This is known as a mixed mount which are wonderful. Just get the UID from the unix users and add them to the passwd file. Are these other users AD as well, b/c if so you want to make sure your unix id nad AD account matches

Reply to this message by replying to this email -or- go to the message on NetApp Community<https://communities.netapp.com/message/126999#126999>

Start a new discussion in Data ONTAP by email<mailto:discussions-community-products_and_solutions-data_ontap@communities.netapp.com> or at NetApp Community<https://communities.netapp.com/choose-container.jspa?contentType=1&containerType=14&container=2877>

aborzenkov
4,008 Views

Mixed mode is orthogonal to this problem and usually creates more problems than it solves. The best solution is to ensure one to one mapping between Windows and Unix users. If it is not possible, poor man's group access can be implemented by mapping multiple Unix users to the same Windows user and adding ACLs for this user.

JOSHBAIRD
4,008 Views

Thanks.  I ended up mapping one Windows user to two separate UNIX users and it seems to be working fine.

na\windowsuser <= unixuser1

na\windowsuser <= unixuser2

Public