如果存在使用旧凭据的现有CIFS会话、则具有所需权限的用户无法访问CIFS路径
适用场景
- ONTAP 9
- CIFS
问题描述
- 具有所有所需权限的用户无法访问CIFS路径并收到"
permission denied
"或"access is denied
错误。 - 用户对CIFS路径具有读/写权限、而Windows用户正在映射到UNIX root:
cluster1::> vserver security file-directory show-effective-permissions -vserver vs1 -win-user-name domain1\user1 -path /volume/path
Vserver: vs1
Windows User Name: domain1\user1
Unix User Name: root
File Path: /volume/path
CIFS Share Path: -
Effective Permissions:
Effective File or Directory Permission: 0x1f01ff
Read
Write
Read Attributes
Write Attributes
- Sectrace显示用户无读取权限、并且其映射到UNIX pcuser:
cluster1::*> sectrace trace-result show
Vserver: vs1
Node Index Filter Details Reason
--------------- ----- -------------------------- ------------------------------
node1 Security Style: NTFS and Access is denied. The
NT ACL requested permissions are not
granted by the ACE while
opening existing file or
directory. Access is not
granted for: "Read
Attributes", "Read"
Protocol: cifs
Volume: -
Share: share1
Path: /volume/path
Win-User: domain1\user1
UNIX-User: pcuser
Session-ID: 1013872866111782917