跳转到主内容

当 Windows 用户具有大写字符时,隐式 Windows 到 UNIX 名称映射失败

Views:
27
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用于

  • ONTAP 9.x
  • 集群模式 Data ONTAP 8.3

问题

Windows 到 UNIX 名称映射失败,如果:

  • Windows 和 UNIX 用户名包含大写字符
  • 没有为 WIN-UNIX 方向定义显式名称映射规则。
在这种情况下,将使用隐式名称映射。当 Windows 到 UNIX 方向使用隐式名称映射时, Windows 用户名将转换为所有小写字符。

如果在 CIFS 选项(如 PCUser )中定义了默认 UNIX 用户,则在运行 diag secd 身份验证 show-creds 时,映射将显示为 "pcuser" 。如果在 CIFS 选项中未定义任何默认 UNIX 用户,则可能会报告类似以下内容的错误:

Filer::*> diag secd authentication show-creds -node Filer-01 -vserver testsvm -win-name TestUser

Vserver: testsvm (internal ID: 11)

Error: Get user credentials procedure failed
  [    12] Retrieved CIFS credentials via S4U2Self for full Windows
           user name 'TestUser@DOMAIN.LOCAL'
  [    12] Trying to map 'DOMAIN\TestUser' to UNIX user
           'testuser' using implicit mapping <====================== Note that the user name has been converted to all lower case
  [    13] Entry for user-name: testuser not found in the current
           source: FILES. Ignoring and trying next available source
  [    14] Using a cached connection to ldap.domain.local
**[    15] FAILURE: User 'testuser' not found in UNIX authorization
**         source LDAP.
  [    15] Entry for user-name: testuser not found in the current
           source: LDAP. Entry for user-name: testuser not found in
           any of the available sources
  [    16] Unable to map 'DOMAIN\TestUser'. No default UNIX user
           defined.
  [    16] Name mapping for Windows user 'DOMAIN\TestUser' failed.
           No mapping found

Error: command failed: Failed to get user credentials. Reason: "SecD Error: Name mapping does not exist".

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device