Network and Storage Protocols

CIFS Authentication and Permissions Breakdown

morjo619

Needs some help uderstanding how the authentication and permission configuration works with a Vserver...I'm a bit confused. So, I have 1 data vserver that allows all protocols (NFS, CIFS, ISCSI, FC) the root vol permission is set to UNIX. I went through the Vserver CIFS setup and added the SVM machine account into my Active Directory domain. I also configured WIN-to-UNIX name mapping --it maps to the AD domain "administrator" account to the "root" account. My confusion comes regarding do I still need to setup LDAP? How does authentication actually happen?

 

Much appreciated!!

1 REPLY 1

AdvUniMD

If you have any volumes with UNIX security style, then usermapping needs to be configured. Also you need to do "vsever cifs create" (do not confuse it with "vserver active-directory create" which is something different!) to create a machine account in AD (it's not enough to just manually add a machine account into your AD domain). You can check the secd.log (you can get it via http://<netapp node IP>/spi ) for any errors regarding usermapping and/or security.

Of course if you have users in LDAP/NIS that you want to map to (instead of, say, just mapping all windows user to one specific UNIX user) then you need to setup LDAP/NIS as name service

 

But honestly, your partner (the one who sold you the NetApp) should be able to help you with that. Also, it's not often a good idea to use a single SVM for file and block storage at the same time. It's better to separate these into multiple SVMs

Announcements
Register for Insight 2021 Digital

INSIGHT 2021 Digital: Meet the Specialists 2

On October 20-22, gear up for a fully digital, totally immersive virtual experience with a downright legendary lineup of world-renowned specialists. Tune in for visionary conversations, solution deep dives, technical sessions and more.

NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public