删除AD组后、无法访问共享
适用场景
- ONTAP
- CIFS/SMB
问题描述
- qtree/folder的NTFS权限显示的是SID、而不是组名称。
- 由于 对CIFS共享的权限被拒绝、组中的客户端丢失访问权限。
File Path: /vol0/qtree1 File Inode Number: 96 Security Style: ntfs Effective Style: ntfs DOS Attributes: 30 DOS Attributes in Text: ---AD--- Expanded Dos Attributes: - UNIX User Id: 65534 UNIX Group Id: 65534 UNIX Mode Bits: 777 UNIX Mode Bits in Text: rwxrwxrwx ACLs: NTFS Security Descriptor Control:0x9014 Owner:S-1-5-21-xxxxx-xxxxxxx-xxxxxxxx-xxx Group:BUILTIN\Administrators DACL - ACEsALLOW-BUILTIN\Administrators-0x1f01ff-OI|CIALLOW-S-1-5-21-xxxxx-xxxxxxx-xxxxxxxx-xxx-0x1f01ff-OI|CI