删除AD组后、无法访问共享
适用场景
- ONTAP
- CIFS/SMB
问题描述
- qtree/folder的NTFS权限显示的是SID、而不是组名称。
- 由于 对CIFS共享的权限被拒绝、组中的客户端丢失访问权限。
File Path: /vol0/qtree1
File Inode Number: 96
Security Style: ntfs
Effective Style: ntfs
DOS Attributes: 30
DOS Attributes in Text: ---AD---
Expanded Dos Attributes: -
UNIX User Id: 65534
UNIX Group Id: 65534
UNIX Mode Bits: 777
UNIX Mode Bits in Text: rwxrwxrwx
ACLs: NTFS Security Descriptor
Control:0x9014
Owner:S-1-5-21-xxxxx-xxxxxxx-xxxxxxxx-xxx
Group:BUILTIN\Administrators
DACL - ACEs
ALLOW-BUILTIN\Administrators-0x1f01ff-OI|CI
ALLOW-S-1-5-21-xxxxx-xxxxxxx-xxxxxxxx-xxx-0x1f01ff-OI|CI