由于文件级权限不足、用户无法访问CIFS共享
适用场景
- ONTAP 9
- CIFS
- NTFS
问题描述
- 用户尝试访问CIFS共享:
Access Denied
- 访问共享的共享级别权限就足够了:
示例:
::> cifs share show -share-name vol
Vserver Share Path Properties Comment ACL
-------------- ------------- ------------- ---------- -------- -----------
svm1 vol /vol oplocks - user1 / Full Control
browsable
changenotify
show-previous-versions
- 文件级权限表示
user1
未列在 DACL中:
示例:
::> file-directory show -vserver svm1 -path /vol
Vserver: svm1
File Path: /vol
File Inode Number: 64
Security Style: ntfs
Effective Style: ntfs
DOS Attributes: 10
DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
UNIX User Id: 0
UNIX Group Id: 0
UNIX Mode Bits: 777
UNIX Mode Bits in Text: rwxrwxrwx
ACLs: NTFS Security Descriptor
Control:0x8004
Owner:BUILTIN\Administrators
Group:BUILTIN\Administrators
DACL - ACEs
ALLOW-User2-0x1f01ff
- 安全跟踪 可能会显示以下错误:
Access is denied. The requested permissions are not granted by the ACE
Access is denied by an explicit ACE
Access is denied by an inherited ACE