I've have problems writing to the etc$ folder, with 'Access is denied' and 'You need permissions to perform this action'
> qtree statusVolume Tree Style Oplocks Status-------- -------- ----- -------- ---------vol0 unix enabled normal
>vol options vol0
root, diskroot, nosnap=off, nosnapdir=off, minra=off,no_atime_update=off, nvfail=off, ignore_inconsistent=off,snapmirrored=off, create_ucode=on, convert_ucode=off, maxdirsize=45875,schedsnapname=ordinal, fs_size_fixed=off, guarantee=volume,svo_enable=off, svo_checksum=off, svo_allow_rman=off,svo_reject_errors=off, no_i2p=off, fractional_reserve=100, extent=off,try_first=volume_grow, read_realloc=off, snapshot_clone_dependency=off,dlog_hole_reserve=off, nbu_archival_snap=off
> cifs sharesName Mount Point Description---- ----------- -----------HOME /vol/vol0/home Default Share everyone / Full ControlC$ / Remote Administration BUILTIN\Administrators / Full Control
etc$ /vol/vol0/etc everyone / Full Control BUILTIN\Administrators / Full Control
See The Solution
First, if you are more a windows guy than a *nix guy, I tend to have vol0 set to ntfs, therefore it will understand user permissions easier.
Also, check your builtin\administrators mapping to root.
This is our default setting for our 7-mode systems
options wafl.nt_admin_priv_map_to_root on
Thanks for the quick reply
3 out of 4 arrays sorted
The combination of wafl.nt_admin_priv_map_to_root on and given my AD account admin permissions worked, but only on 3 of the 4 controllers
The security style is also set to UNIX on all of the vol0 - good thought
View solution in original post
Ok, so let's see what's wrong with the last array...
Give us some more detail.
If the setting maps admin to root is set on the controller, just double check your account is there
Yes, my user account is there
> useradmin domainuser list -g AdministratorsList of SIDS in AdministratorsS-1-5-xxxxxxxxxxxxxx
> cifs lookup S-1-5-xxxxxxxxxxxxxxname = xxx\xxxxxty [that's me]
> cifs shares etc$Name Mount Point Description---- ----------- -----------etc$ /vol/vol0/etc everyone / Full Control BUILTIN\Administrators / Full Control
On the broken share I'm able to write to the home share and then ndmpcopy files into the etc folder. I can subsequently edit and delete those files - strange
We had this issue recently and I'd performed all the checks listed above. Eventually we used sectrace to help identify the cause and it turned out to be FPOLICY.
The fix was to add the disk firmware extensions (.FVF and .LOD) to the list of permitted extensions and all was well.