由于缺少SACL、CIFS审核无法按预期工作
- Views:
- 4
- Visibility:
- Public
- Votes:
- 0
- Category:
- ontap-9
- Specialty:
- nas<a>CIFS审核</a><a>2009424462</a>
- Last Updated:
适用场景
- ONTAP 9
- CIFS审核
问题描述
- 不会生成审核事件
- 文件名未显示在审核事件中
vserver security file-directory
在卷或CIFS共享上不显示SACL
::> vserver security file-directory show -vserver svm_netapp -path /vol_netapp -instance
Vserver: svm_netapp
File Path: /vol_netapp
File Inode Number: 64
Security Style: ntfs
Effective Style: ntfs
DOS Attributes: 10
DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
UNIX User Id: 0
UNIX Group Id: 0
UNIX Mode Bits: 777
UNIX Mode Bits in Text: rwxrwxrwx
ACLs: NTFS Security Descriptor
Control:0x9504
Owner:BUILTIN\Administrators
Group:BUILTIN\Administrators
DACL - ACEs
ALLOW-NT AUTHORITY\SYSTEM-0x1f01ff-OI|CI
ALLOW-BUILTIN\Administrators-0x1f01ff-OI|CI
ALLOW-Everyone-0x1f01ff-OI|CI
- 审核设置正确:
::*> vserver audit show -vserver svm1 -fields events
vserver events
---------- --------------------------------------------------------------------------
svm1 file-ops,cifs-logon-logoff,user-account,security-group,audit-policy-change