跳转到主内容

AD 组中的用户无法访问 CIFS 共享

  1. 最后更新
  2. 另存为PDF
Views:
60
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用于

  • ONTAP 9
  • Active Directory

问题

  • AD 域用户无法访问 CIFS 共享
  • 用户是 AD 组 X 的成员,但 'show-creds' 命令未列出该组。

原因

  • 用户是通讯组类型与安全的成员
  • 当您查看 Active Directory 用户和计算机时,我们看到用户是该组的成员:
doc_63661_image_1.png
 
但是,当我们查看 General 属性时,我们注意到 Group 类型是 Distribution:
 
doc_63661_image_2.png
 
  • 这也可以通过以下 PS 命令来查看
    • PS command get-ADUser test111 -Properties * | select memberof -ExpandProperty member of | Findstr -i testgroup1
    • testgroup1,OU=Distribution,OU=Domain-Groups,DC-=group,DC=com

解决方案

将组修改为安全组或将用户添加到具有权限的适当组

追加信息

  • 通讯组用于向一组人员发送电子邮件通知。
  • 安全组用于授予对资源的访问权限
  • Microsoft 链接解释组样式
    • 外部链接 - [1]

内部参考

内部参考_text
  1. User in AD group is not able to access CIFS share#Applies_to
  2. User in AD group is not able to access CIFS share#Issue
  3. User in AD group is not able to access CIFS share#Cause
  4. User in AD group is not able to access CIFS share#Solution
  5. User in AD group is not able to access CIFS share#Additional_Information
  6. User in AD group is not able to access CIFS share#Internal_Notes

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.