管理员组中的用户映射到pcuser

适用场景

ONTAP 9

问题描述

• 管理员组中的用户没有在 Unix 安全模式 qtree 中写入文件的权限。
• 名称映射配置如下，手动将管理员映射到根用户。

Cluster::> vserver name-mapping show -vserver SVM1 -direction win-unix

Vserver: SVM1
Direction: win-unix
Position Hostname IP Address/Mask
-------- ---------------- ----------------
1 - - Pattern: U\\Administrator Replacement: root
2 - - Pattern: U\\(.*)      Replacement: \1
2 entries were displayed.

• 但是，管理员组中的用户被映射为pcuser 。

Cluster::*> secd authentication show-creds -node Node01 -vserver SVM1 -win-name user1

UNIX UID: pcuser <> Windows User: U\user1(Windows Domain User)

GID: pcuser
Supplementary GIDs:
pcuser

Primary Group SID: U\Domain Users (Windows Domain group)

Windows Membership:
U\Domain Admins (Windows Domain group)
U\Domain Users (Windows Domain group)
U\Denied RODC Password Replication Group (Windows Alias)
BUILTIN\Administrators (Windows Alias)
BUILTIN\Users (Windows Alias)
User is also a member of Everyone, Authenticated Users, and Network Users

Privileges (0x22b7):
SeBackupPrivilege
SeRestorePrivilege
SeTakeOwnershipPrivilege
SeSecurityPrivilege
SeChangeNotifyPrivilege