未将任何UNIX用户映射到Win用户

最后更新
另存为PDF

Views:: 5

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

适用场景

ONTAP 9

问题描述

由于未将任何UNIX用户映射到有效的Windows用户、因此需要进行CIFS身份验证
secd日志：

| [000.005.980] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secdGetUnixCredsForWindowsUser() at authentication/secd_rpc_auth.cpp:676 | [000.005.990] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secdLoadUnixCredsFromContext() at authentication/secd_rpc_auth.cpp:276 | [000.005.999] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secdLoadResponseFromContext() at authentication/secd_rpc_auth.cpp:396 | [000.006.009] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secd_rpc_auth_extended_1_svc() at authentication/secd_rpc_auth.cpp:761 | [000.006.020] debug: SecD RPC Server sending reply to RPC 151: secd_rpc_auth_extended { in secdSendRpcResponse() at server/secd_rpc_server.cpp:1405 } | [000.006.232] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in getFailureCode() at utils/secd_thread_task_journal.cpp:292 | [000.006.262] ERR : Error: User authentication procedure failed | [000.006.268] ERR : [ 5] User 'CIFSLABAdministrator' authenticated using NTLMv2 security | [000.006.273] ERR : [ 5] Trying to map 'CIFSLABAdministrator' to UNIX user 'administrator' using implicit mapping | [000.006.279] ERR : [ 5] Name 'administrator' not found in UNIX authorization source LOCAL | [000.006.284] ERR : [ 5] Could not get an ID for name 'administrator' using any NS-SWITCH authorization source | [000.006.289] ERR : [ 5] Trying to map user to the default UNIX name 'none' | [000.006.295] ERR : [ 5] Name 'none' not found in UNIX authorization source LOCAL | [000.006.300] ERR : [ 5] Could not get an ID for name 'none' using any NS-SWITCH authorization source | [000.006.306] ERR : **[ 5] FAILURE: Unable to map Windows user 'CIFSLABAdministrator' to appropriate UNIX user

注意： 隐式映射返回 not found，默认用户映射返回， not found因此用户映射失败，表示未配置用户映射。

没有与CIFSLABAdministrator匹配的名称映射规则

 ::> vserver name-mapping show Vserver Direction Position -------------- --------- -------- vserver2 win-unix 1 Pattern: cifslab\\Administrator Replacement: root vserver2 win-unix 2 Pattern: NFSQA-CIFS\\Administrator Replacement: root vserver2 win-unix 3 Pattern: NFSQA\\Administrator Replacement: root vserver2 unix-win 1 Pattern: root Replacement: cifslab\\Administrator 4 entries were displayed.

未配置默认UNIX用户

 ::> cifs options show -vserver vserver1 Vserver: vserver1 Default UNIX User: none Read Grants Exec for Mode Bits: disabled Windows Internet Name Service (WINS) Addresses: 172.17.152.42 Default UNIX Group: