I have joined a netapp filer to a domain. The authentication works, also the NTFS ACLs are set properly and users can access the shares. But I need to provision every user twice: first for the domain and secondly in /etc/passwd from the netapp. Is there a way to avoid that? The authentication and authorization is done using Active Directory but the user needs to appear in /etc/passwd for some reason...
Finally I made it work. It was wafl.default_unix_user which was empty so users with no mapping just mapped to anything and it didn't work. Now I can use new users without problems and they follow the access rules in the NTFS domain!!!
I will let you also know that you solved an issue NetApp support wasn't able to solve and want to say that the support from netapp in this matter has been worse than awfull.
It is multiprotocol. I am serving both NFS and CIFs. But this qtree in particular is NTFS only. It only works if I add the user to the passwd file. It doesn't matter the password since it uses the one in AD.