Network and Storage Protocols

SID to netapp user mapping

stanleyj42
2,881 Views

I am trying to see if anyone knows of a way to map a windows user or group to a user within the netapp that can assigned the administrator roll.  I am really not even sure if this is the correct route on what i am trying to accomplish so I am all ears to anyone who thinks there is a better way to accomplish what i am describing below.  Thank you to all that responed.

I have created a cifs share on our fas3270.  This share is going to be used for roaming profiles.  When the user first logs into a pc there profile is created in the share and they are the owners of the folder.  I do not have issues with this.  What i do have a problem with is now any administration that needs to be done to the users profile (say the person has quit and i need to remove it) can only be by the users account.  No inherited permissions can be assigned.  I know this doesnt sound like that big of a problem but i would like to know that atleast the administrators can still have rights to the folder.

So my thinking is if i can mapp say the domain admins SID to a built in user of the netapp that has the administrators role will anyone in the Domain admins group then always have rights to the folders within the share?

All ideas are greatly appreciated.      thank you.

1 REPLY 1

shaunjurr
2,881 Views

Hi,

You probably need to brush up a bit on the documentation.  There is also a "TR" on RBAC for NetApp, even if it is not an easy concept to implement.  Basically, you just need to add a domain user with significant rights.  'useradmin' is your friend here.  Something like 'useradmin domainuser add YOUR_AD\the_admin_group -g administrators' should do the job.

Public