Permission denied for CIFS folder from the aix -netappcluster

fmuser_01 · ‎2019-07-12

Hi,

We had a NetApp cluster volume which is configured as CIFS share and security limited to some domain users.

It was mounted in an aix server as NFS mount and used to transfer the files to the CIFS share.

It was stopped working saying that permission denied to the folder in Unix end. We haven't made any changes in NetApp and not sure where it broke.

1)Unix user (or root) couldn't able to access it.

2)I tried to create local Unix id and in NetApp Unix user with same as domain user name, then i can able to access the folder.

but i couldn't use any local Unix user(or root ) to access the folders.

Please let me know how to make Unix local user orroot to access the CIFS folder. I tried name mapping in NetApp but it's not working.

My export policy will be like:

Vserver: vserver1
Policy Name: POLICY1
Rule Index: 1
Access Protocol: nfs
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 0.0.0.0/0
RO Access Rule: any
RW Access Rule: any
User ID To Which Anonymous Users Are Mapped: 65534
Superuser Security Types: any
Honor SetUID Bits in SETATTR: true
Allow Creation of Devices: true

Name mapping like:

pattern : dom\\xxxxx

replacement: YYYY

csalitros · ‎2019-07-12

Do you know if anything changed on the AD side? Were any NTFS permissions changed?

Do you need to mount it via NFS? Can you just mount it on the AIX host using CIFS (this may only support SMBv1, which your AD administrator could have disabled for security reasons).

You could probably also look through your secd logs, that might help narrow it down.

GidonMarcus · ‎2019-07-13

i suggest to set a sectrace rule and see what it tries to map it to.

Gidi Marcus (Linkedin) - Storage and Microsoft technologies consultant - Hydro IT LTD - UK

Permission denied for CIFS folder from the aix -netappcluster

Portfolio Updates | NetApp ONAIR