ONTAP Hardware
ONTAP Hardware
We have AFF220. There is an SVM with a few CIFS share volumes in it. One volume is called USERS and shared as USERS$. We were able to access the share ok, copy / delete data etc. Suddenly the share became access denied. I see the volume in Netapp, the share permissions are ok. I can actually browse the share via our backup software so its like someone removed the NTFS permissions that gave us access to it. There is not a root folder. How can I view the ntfs permissions on the users$ folder and change them if the folder is hidden?
I reverted a snapshot and this restored the access to the folder. However the question remains how would I view the folder if I lost access? Also, the only way I seem to be able to check the NTFS permissions is to pin the path \\svm\users$ to windows explorer. From there right click and check permissions. This doesnt seem right.
Solved! See The Solution
You can always use the NetApp command line to check NTFS permissions on files or folders.
::> vserver security file-directory show
You can always use the NetApp command line to check NTFS permissions on files or folders.
::> vserver security file-directory show
It probably is offbox. I would open a case. For some reason reading your description my first thought was ransomware. It doesn’t make sense since you can still access data but you might make a clone of the volumes or ensure you retain snapshots on your secondary SnapMirror location. It doesn’t match what we have seen ransomware do but I had a feeling reading what you said. At the very least you’ll have a backup.
Since it involves looking at logs I would just open a case. If it is like a home directory request a p1 since that would be an outage.
Sorry I should clarify, if this is a lost access situation and you can’t get it to where users can access their data.
Its not ransomware. You have a volume and you have a share. You create a folder in that share and it inherits the root permissions. The question is, if you lost access to the root, how would you for example take ownership back?
If the share = \\SVM\Users$ and you access this share, create folders here, they inherit permissions from user$. The only way I know how to change the NTFS permissions on the Users$ is to pin the folder in explorer, then I can right click it and modify the permissions. But lets say someone went in and removed my ntfs access from users$, the folder would disappear and I would not be able to even see the folder. If I try to go to \\SVM\Users$, I would get access denied. The share permissions are still intact and visible on netapp, but the ntfs permissions are now wrong and im locked out. So how can you view / take ownership back of the Users$ root folder?
I agree. I just had a feeling...IDK why.
Ok I understand now, you can view / change the permissions via SSH command line. Found it under the CIFS
Example
cifs share access-control modify -share USERS$ -user-or-group MYGROUP -user-group-type windows -permission Full_Control