跳转到主内容

ONTAP 9.6 及更高版本:在 NS-switch 中使用 NIS 时,对 NTFS 安全卷的 NFS 访问失败,但未配置

Views:
47
Visibility:
Public
Votes:
0
Category:
not set
Specialty:
not set
Last Updated:

适用于

ONTAP 9.6+

问题

  • 尽管unknown UID已知 UNIX UID ,但 NFS 对 NTFS 安全卷的名称映射仍会失败
  • 示例 EMS 日志 
    • secd.nfsAuth.noNameMap: vserver (vserver) Cannot map UNIX name to CIFS name. Error: Get user credentials procedure failed 
    • [ 11] Mapping an unknown UID to default windows user
    • [ 11] Unable to map '123'. No default Windows user defined.
    • **[ 11] FAILURE: Name mapping for UNIX user '123' failed. No mapping found
  • 示例 secd 日志显示因 NS-switch 中的 NIS 而导致的瞬时 NIS 错误,但未配置 NIS
    • ERR  :  Configuration for NIS is disabled/not found { in SecdCbNsJournal() at src/utils/secd_ns_utils.cpp:91 }
      info :  Source: NIS unavailable. Entry for user-id:123 not found in any of the available sources { in SecdCbNsJournal() at src/utils/secd_ns_utils.cpp:95 }
      debug:  nswrapper::getpwuid_r() returned error code=2, files_err=5, nis_err=19, ldap_err=5, dns_err=0  { in getUserInfoViaLibC() at src/utils/secd_ns_utils.cpp:448 }
      ERR  :  nswrapper::getpwuid_r() has a transient error  { in getUserInfoViaLibC() at src/utils/secd_ns_utils.cpp:454 }
      ERR  :  RESULT_ERROR_SECD_LIBC_TRANSIENT_ERROR:7035 in getUserInfoViaLibC() at src/utils/secd_ns_utils.cpp:455
      ERR  :  RESULT_ERROR_SECD_LIBC_TRANSIENT_ERROR:7035 in _getUserPasswdInfo() at src/authorization/secd_unix_authorization.cpp:738
      ERR  :  RESULT_ERROR_SECD_LIBC_TRANSIENT_ERROR:7035 in _getUserInfo() at src/authorization/secd_unix_authorization.cpp:485
      ERR  :  RESULT_ERROR_SECD_LIBC_TRANSIENT_ERROR:7035 in getCredsFromUserIdViaLibc() at src/authorization/secd_unix_authorization.cpp:112

      debug:  Logged secd.nfsAuth.noNameMap to EMS  { in logEmsEventWithJournalForNfsAuthError() at src/utils/secd_ems_utils.cpp:1236 }
  • NS 交换机配置的数据库组和 / 或使用 NIS 的 passwd
    • ::> vserver services ns-switch show -vserver vserver1
                      Source
      Vserver      Database     Order
      --------------- ------------   ---------
      vserver1     hosts      files,
                      dns
      vserver1     group      files,
                      nis
      vserver1     passwd      files,
                      nis
      vserver1     netgroup     files
      vserver1     namemap     files
  • NIS 未配置示例
    • ::> vserver services nis-domain show -vserver vserver1
      There are no entries matching your query.

       
  • 本地 UNIX 用户配置的示例
    • ::> vserver services unix-user show -vserver vserver -id 123
              User       User   Group  Full
      Vserver     Name       ID    ID    Name
      -------------- --------------- ------ ------ --------------------------------
      vserver1     root       123   123
  • 未配置本地 UNIX 组示例
  • ::> vserver services unix-Group  show -vserver vserver1 -id 123
    There are no entries matching your query.

     

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.