由于文件级权限不足、用户无法访问CIFS共享

最后更新
另存为PDF

Views:: 67

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

适用场景

ONTAP 9
CIFS
NTFS

问题描述

用户尝试访问CIFS共享： Access Denied
访问共享的共享级别权限就足够了：

示例：

::> cifs share show -share-name vol

Vserver     Share        Path     Properties Comment  ACL
 -------------- ------------- -------------  ---------- -------- -----------
 svm1       vol      /vol       oplocks   -     user1 / Full Control
                        browsable
                        changenotify
                        show-previous-versions

文件级权限表示user1 未列在 DACL中：

示例：

::> file-directory show -vserver svm1 -path /vol Vserver: svm1 File Path: /vol File Inode Number: 64 Security Style: ntfs Effective Style: ntfs DOS Attributes: 10 DOS Attributes in Text: ----D--- Expanded Dos Attributes: - UNIX User Id: 0 UNIX Group Id: 0 UNIX Mode Bits: 777 UNIX Mode Bits in Text: rwxrwxrwx ACLs: NTFS Security Descriptor Control:0x8004 Owner:BUILTIN\Administrators Group:BUILTIN\Administrators DACL - ACEs ALLOW-User2-0x1f01ff

安全跟踪可能会显示以下错误：

Access is denied. The requested permissions are not granted by the ACE Access is denied by an explicit ACE
Access is denied by an inherited ACE