跳转到主内容

无法编辑UNIX安全模式卷的SACL

Views:
7
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>SACL</a><a>UNIX安全模式</a><a>UNIX安全模式SACL</a>
Last Updated:

适用场景

  • ONTAP 9
  • 审核

问题描述

无论使用何种方法、卷上似乎都不允许使用SACL条目。

Windows资源管理器示例:

我们尝试将Active Directory用户"NAS用户"添加到名为"UNIX"的Unix模式安全卷中。为"NAS用户"创建权限后、单击"应用"。之后、我们可以看到已从权限条目中删除了"NAS用户"。

clipboard_e867d6b01f34d9ad9e56bcd3a99ceea61.png

clipboard_e7eaf0c9959b823f580ad634437bb9e92.png

ONTAP命令行界面示例:

cluster1::vserver security file-directory> ntfs sacl show -vserver svm1_cluster1 -ntfs-sd unix-sd 
Vserver: svm1_cluster1
NTFS Security Descriptor Name: unix-sd

    Account Name     Access   Access             Apply To
                     Type     Rights
    --------------   -------  -------            -----------
    DEMO\nas-user    success  full-control      this-folder, sub-folders, files

cluster1::vserver security file-directory> policy show -vserver svm1_cluster1   

   Vserver          Policy Name
    ------------     --------------
    svm1_cluster1    unix_test

cluster1::vserver security file-directory> task add -policy-name unix_test -path /unix/test -vserver svm1_cluster1 -security-type ntfs -ntfs-sd unix-sd
  (vserver security file-directory policy task add)

Error: command failed: Can't set ntfs security descriptor on a Unix File

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.