Network and Storage Protocols

Share Access

littletubby0520
70,661 Views

To all,

   I am new to NetApp so any assistance will be highly appreciated. I am able to log onto the filer without in problems, however I am unable to access any of the shares. Everytime I have tried to access any shares, I am prompt for my credentials  and after I enter my credentials a pop-up appears saying check my username and/or password. I know my credentials are correct because they are the same credentials I use to log onto the filer. I know its not my workstation because others do not have problems accessing the shares from my workstation. I am experiencing this problem along with the users whom accounts I create.

I have verified that I am in the administrators group and everything. I have even had my account deleted and recreated and that didn't not solve the problem. Like I said earlier, I am new to Netapp and I hope I haven't confused anyone reading this post. I am willing to try anything.

Thanks in advance

16 REPLIES 16

peter_lehmann
70,567 Views

rule #1 - you cannot use "root" to map a share. Which user are you using?

Is it a Active Directory User? Are the others also AD users?

What is the Share ACL? "cifs shares" output would help here. "qtree status" would help too.

littletubby0520
70,567 Views

I am not using the root account, I am using my admin account. All of the users are AD users. Like I said I am new to NetApp so I don't know what you mean about Share ACL. I am working in a secure environment so it very little info that I can give

peter_lehmann
70,567 Views

no info = harder to help. But we can still try...

Is your admin account from the AD or local on the NetApp?

If the other users can connect, then it might be related to your account being member of the local "Administrators" group, and the users are in the "Everyone" group or something else.

Output of cifs shares for C$:

Name         Mount Point                     

----               -----------                            

C$               /vol/vol0                      BUILTIN\Administrators / Full Control

which means ONLY members of the local "Administrators" group can map this share. If your account is not in there, it cannot map.

This is not NetApp specific, it is Windows...

littletubby0520
70,552 Views

How can I check to see if I am a member of the local admin group

peter_lehmann
70,552 Views

you can use the "wcc" command.

Example from my system (anonymized)

filer> wcc -s AD123\adminaccount
(NT - UNIX) account name(s):  (AD123\adminaccount - root)
        ***************
        UNIX uid = 0
        user is a member of group daemon (1)
        user is a member of group daemon (1)

        NT membership
                AD123\adminaccount
                BUILTIN\Administrators
        User is also a member of Everyone, Network Users,
        Authenticated Users
        ***************
filer>


littletubby0520
70,545 Views

Every time I use the wcc command I get no passwd entry for (mysid)

peter_lehmann
70,546 Views

*** Every time I use the wcc command I get no passwd entry for (mysid) ***

What exactly do you mean with this?

When I try with a user that it cannot find, I get this error:

filer> wcc -s AD123\user123

Invalid name AD123\user123

Maybe you are "missing" the passwd file in /etc on the root volume (this is NetApp specific )

I've tried the wcc -u command with a "unix/local" user that does not exist and got the same error as you:

filer> wcc -u unixuser123

no passwd entry for unixuser123

So the problem seems to be with your local /etc/passwd...

try:

priv set diag

ls /etc

and check if you see the file, if yes, try:

rdfile /etc/passwd and make sure you have at least these entries:

filer> rdfile /etc/passwd

root:_J9..AdPd30Fbb1F8/iQ:0:1::/:

pcuser::65534:65534::/:

nobody::65535:65535::/:

Peter

littletubby0520
70,538 Views

After I enter wcc –u **my user ID**

Enter

No passwd entry for me

peter_lehmann
70,538 Views

try:

wcc -s **my user ID**

littletubby0520
69,168 Views

wcc -s *my user ID*

Enter

Mapped user not found.

Issue options cifs.trace_login on…

And I would like to thank you now and again for helping me. You are/have provided me with more assistance than the individual that I replaced

peter_lehmann
69,169 Views

your welcome

To me this looks like the useraccount you use to connect is not known to the NetApp system. Either it is not a Active Directory user, or if it is, the System is not "properly" integrated into the AD.

cifs domaininfo

cifs testdc

options cifs.trace_login on

and then retry to connect to the share, the errors on the SystemConsole should provide you with more information wehre to look next for troublshooting.

littletubby0520
69,154 Views

The account is an AD account. When you say the system is not “properly” integrated into the AD, what exactly do you mean?

peter_lehmann
69,155 Views

Does the passwd look like this?

filer> rdfile /etc/passwd

root:_J9..AdPd30Fbb1F8/iQ:0:1::/:

pcuser::65534:65534::/:

nobody::65535:65535::/:

Do the cifs commands give clean answers?

cifs domaininfo

cifs testdc

littletubby0520
69,147 Views

Cifs domaininfo

Cifs testdc

Gave clean answers

Tried running the rdfile /etc/passwd and got No such file or directory

peter_lehmann
69,148 Views

you definitely need to create the /etc/passwd

first create the "hash" password for the root user:

cifs passwd ***********  (********** is the cleartext password of the root user)

filer> cifs passwd root_password

password is _J9..Z8TkmBZd2pufcCg

then use wrfile to create the missing /etc/passwd and copy paste the needed thrre accounts...

filer> wrfile /etc/passwd

root:_J9..Z8TkmBZd2pufcCg:0:1::/:

pcuser::65534:65534::/:

nobody::65535:65535::/:

the pcuser is needed for all the other windows users...

the nobody is needed for users that cannot be mapped to...

then retry the access.

Other possibilities:

1. the security style on the volume/qtree is not ntfs

2. the options wafl.nt_admin_priv_map_to_root is set to oof or on, try changing it

littletubby0520
60,796 Views

Thanks for your help Peter, but I have a meeting to go to in another building and I won’t return until tomorrow. I will create the /etc/passwd

Public