ONTAP Discussions

user quota rule problem: windows domain user support @?

JOEY_STORAGE
2,952 Views

configuraton:

SVM add to an AD domain(ETE.COM) which have several domain users(aduser1~aduser10)

 

from "ONTAP 9 Documentation Center", I can find this help reference:

volume quota policy rule create:

-target <text> - TargetThis parameter specifies the target to which the quota policy rule applies. For default quota rules, this parameter should be specified as "". For explicit tree quotas rules, this parameter should indicate the qtree name. For explicit user quota rules, this parameter can contain UNIX user name, UNIX user identifier, Windows user name, Windows Security Identifier or a path to an existing object within the volume. If a name contains a space, enclose the entire value in quotes. A UNIX user name cannot include a backslash (\) or an @ sign; user names with these characters are treated as Windows names. For multi-user quotas, this parameter can contain multiple user targets separated by a comma. For explicit group quota rules, this parameter can contain UNIX group name or UNIX group identifier or a path to an existing object within the volume. When a path is specified as the target, it should be of the format /vol/<vol-name>/<path to file from volume root> where the volume matches that of the -volume parameter.

 

test steps: 

1. vol quota policy rule create -vserver svm_test001 -policy-name default -volume test_1G -type user -target ete.com\aduser3 -qtree ""

-----OK

2. vol quota policy rule create -vserver svm_test001 -policy-name default -volume test_1G -type user -target ETE\aduser2 -qtree ""

-----OK

3. vol quota policy rule create -vserver svm_test001 -policy-name default -volume test_1G -type user -target aduser2@ete.com -qtree ""

------Error: command failed: Illegal name aduser2@ete.com specified in quota target.

 

question:

why ad domian user with @ is not OK?

1 ACCEPTED SOLUTION

AlexDawson
2,859 Views

Hi there,

 

As per the manual at http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-vsmg%2FGUID-77083F88-7B58-414B-A665-C19FCFA64B13.html&cp=17_2_7_0_8_1 - you can either use the old domain\user format, or the user SID, or a path to an existing file owned by the user. The user@domain format is not supported.

 

I cannot speculate as to why. If this is a required feature, I encourage you to reach out to your account team to have them lodge an RFE (request for enhancement) for it.

 

Thanks!

View solution in original post

6 REPLIES 6

AlexDawson
2,860 Views

Hi there,

 

As per the manual at http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cm-vsmg%2FGUID-77083F88-7B58-414B-A665-C19FCFA64B13.html&cp=17_2_7_0_8_1 - you can either use the old domain\user format, or the user SID, or a path to an existing file owned by the user. The user@domain format is not supported.

 

I cannot speculate as to why. If this is a required feature, I encourage you to reach out to your account team to have them lodge an RFE (request for enhancement) for it.

 

Thanks!

JOEY_STORAGE
2,844 Views

Thanks 

 

 

 

 

JOEY_STORAGE
2,837 Views

Eh, and what this reference exactly means? Is there a scenario, a unix or windows user with @ sign can add to user quota, or not?

 

{Note: You cannot use a UNIX user name to specify a quota if that name includes a backslash (\) or an @ sign. This is because ONTAP treats names containing these characters as Windows names.}  at http://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cm-vsmg/GUID-F595143B-000C-4AE7-B15D-F1DACEFB6D99.html 

AlexDawson
2,835 Views

No, "@" is not able to be used.

JOEY_STORAGE
2,833 Views

Thanks

Public