跳转到主内容

当 Windows 用户具有大写字符时,隐式 Windows 到 UNIX 名称映射失败

Views:
4
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用于

  • ONTAP 9.x
  • 集群模式 Data ONTAP 8.3

问题

Windows 到 UNIX 名称映射失败,如果:

  • Windows 和 UNIX 用户名包含大写字符
  • 没有为 WIN-UNIX 方向定义显式名称映射规则。
在这种情况下,将使用隐式名称映射。当 Windows 到 UNIX 方向使用隐式名称映射时, Windows 用户名将转换为所有小写字符。

如果在 CIFS 选项(如 PCUser )中定义了默认 UNIX 用户,则在运行 diag secd 身份验证 show-creds 时,映射将显示为 "pcuser" 。如果在 CIFS 选项中未定义任何默认 UNIX 用户,则可能会报告类似以下内容的错误:

Filer::*> diag secd authentication show-creds -node Filer-01 -vserver testsvm -win-name TestUser

Vserver: testsvm (internal ID: 11)

Error: Get user credentials procedure failed
  [    12] Retrieved CIFS credentials via S4U2Self for full Windows
           user name 'TestUser@DOMAIN.LOCAL'
  [    12] Trying to map 'DOMAIN\TestUser' to UNIX user
           'testuser' using implicit mapping <====================== Note that the user name has been converted to all lower case
  [    13] Entry for user-name: testuser not found in the current
           source: FILES. Ignoring and trying next available source
  [    14] Using a cached connection to ldap.domain.local
**[    15] FAILURE: User 'testuser' not found in UNIX authorization
**         source LDAP.
  [    15] Entry for user-name: testuser not found in the current
           source: LDAP. Entry for user-name: testuser not found in
           any of the available sources
  [    16] Unable to map 'DOMAIN\TestUser'. No default UNIX user
           defined.
  [    16] Name mapping for Windows user 'DOMAIN\TestUser' failed.
           No mapping found

Error: command failed: Failed to get user credentials. Reason: "SecD Error: Name mapping does not exist".

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support