跳转到主内容

由于文件级权限不足、用户无法访问CIFS共享

Views:
67
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用场景

  • ONTAP 9
  • CIFS
  • NTFS

问题描述

  • 用户尝试访问CIFS共享:  Access Denied
  • 访问共享的共享级别权限就足够了:

示例:

::> cifs share show -share-name vol 
Vserver     Share        Path     Properties Comment  ACL
-------------- ------------- -------------  ---------- -------- -----------
svm1       vol      /vol       oplocks   -     user1 / Full Control
                       browsable
                       changenotify
                       show-previous-versions
  • 文件级权限表示user1 未列在 DACL中:

示例:

::> file-directory show -vserver svm1 -path /vol
         Vserver: svm1
        File Path: /vol
    File Inode Number: 64
     Security Style: ntfs
     Effective Style: ntfs
     DOS Attributes: 10
 DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
      UNIX User Id: 0
      UNIX Group Id: 0
     UNIX Mode Bits: 777
 UNIX Mode Bits in Text: rwxrwxrwx
          ACLs: NTFS Security Descriptor
             Control:0x8004
             Owner:BUILTIN\Administrators
             Group:BUILTIN\Administrators
             DACL - ACEs
              ALLOW-User2-0x1f01ff

  • 安全跟踪 可能会显示以下错误:

    Access is denied. The requested permissions are not granted by the ACE
    Access is denied by an explicit ACE

    Access is denied by an inherited ACE

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.