Network and Storage Protocols
Network and Storage Protocols
To all,
I am new to NetApp so any assistance will be highly appreciated. I am able to log onto the filer without in problems, however I am unable to access any of the shares. Everytime I have tried to access any shares, I am prompt for my credentials and after I enter my credentials a pop-up appears saying check my username and/or password. I know my credentials are correct because they are the same credentials I use to log onto the filer. I know its not my workstation because others do not have problems accessing the shares from my workstation. I am experiencing this problem along with the users whom accounts I create.
I have verified that I am in the administrators group and everything. I have even had my account deleted and recreated and that didn't not solve the problem. Like I said earlier, I am new to Netapp and I hope I haven't confused anyone reading this post. I am willing to try anything.
Thanks in advance
rule #1 - you cannot use "root" to map a share. Which user are you using?
Is it a Active Directory User? Are the others also AD users?
What is the Share ACL? "cifs shares" output would help here. "qtree status" would help too.
I am not using the root account, I am using my admin account. All of the users are AD users. Like I said I am new to NetApp so I don't know what you mean about Share ACL. I am working in a secure environment so it very little info that I can give
no info = harder to help. But we can still try...
Is your admin account from the AD or local on the NetApp?
If the other users can connect, then it might be related to your account being member of the local "Administrators" group, and the users are in the "Everyone" group or something else.
Output of cifs shares for C$:
Name Mount Point
---- -----------
C$ /vol/vol0 BUILTIN\Administrators / Full Control
which means ONLY members of the local "Administrators" group can map this share. If your account is not in there, it cannot map.
This is not NetApp specific, it is Windows...
you can use the "wcc" command.
Example from my system (anonymized)
filer> wcc -s AD123\adminaccount
(NT - UNIX) account name(s): (AD123\adminaccount - root)
***************
UNIX uid = 0
user is a member of group daemon (1)
user is a member of group daemon (1)
NT membership
AD123\adminaccount
BUILTIN\Administrators
User is also a member of Everyone, Network Users,
Authenticated Users
***************
filer>
*** Every time I use the wcc command I get no passwd entry for (mysid) ***
What exactly do you mean with this?
When I try with a user that it cannot find, I get this error:
filer> wcc -s AD123\user123
Invalid name AD123\user123
Maybe you are "missing" the passwd file in /etc on the root volume (this is NetApp specific )
I've tried the wcc -u command with a "unix/local" user that does not exist and got the same error as you:
filer> wcc -u unixuser123
no passwd entry for unixuser123
So the problem seems to be with your local /etc/passwd...
try:
priv set diag
ls /etc
and check if you see the file, if yes, try:
rdfile /etc/passwd and make sure you have at least these entries:
filer> rdfile /etc/passwd
root:_J9..AdPd30Fbb1F8/iQ:0:1::/:
pcuser::65534:65534::/:
nobody::65535:65535::/:
Peter
try:
wcc -s **my user ID**
your welcome
To me this looks like the useraccount you use to connect is not known to the NetApp system. Either it is not a Active Directory user, or if it is, the System is not "properly" integrated into the AD.
cifs domaininfo
cifs testdc
options cifs.trace_login on
and then retry to connect to the share, the errors on the SystemConsole should provide you with more information wehre to look next for troublshooting.
Does the passwd look like this?
filer> rdfile /etc/passwd
root:_J9..AdPd30Fbb1F8/iQ:0:1::/:
pcuser::65534:65534::/:
nobody::65535:65535::/:
Do the cifs commands give clean answers?
cifs domaininfo
cifs testdc
you definitely need to create the /etc/passwd
first create the "hash" password for the root user:
cifs passwd *********** (********** is the cleartext password of the root user)
filer> cifs passwd root_password
password is _J9..Z8TkmBZd2pufcCg
then use wrfile to create the missing /etc/passwd and copy paste the needed thrre accounts...
filer> wrfile /etc/passwd
root:_J9..Z8TkmBZd2pufcCg:0:1::/:
pcuser::65534:65534::/:
nobody::65535:65535::/:
the pcuser is needed for all the other windows users...
the nobody is needed for users that cannot be mapped to...
then retry the access.
Other possibilities:
1. the security style on the volume/qtree is not ntfs
2. the options wafl.nt_admin_priv_map_to_root is set to oof or on, try changing it