如果存在使用旧凭据的现有CIFS会话、则具有所需权限的用户无法访问CIFS路径
适用场景
- ONTAP 9
- CIFS
问题描述
- 具有所有所需权限的用户无法访问CIFS路径并收到"
permission denied"或"access is denied错误。 - 用户对CIFS路径具有读/写权限、而Windows用户正在映射到UNIX root:
cluster1::> vserver security file-directory show-effective-permissions -vserver vs1 -win-user-name domain1\user1 -path /volume/pathVserver: vs1Windows User Name: domain1\user1Unix User Name: rootFile Path: /volume/pathCIFS Share Path: -Effective Permissions:Effective File or Directory Permission: 0x1f01ffReadWriteRead AttributesWrite Attributes- Sectrace显示用户无读取权限、并且其映射到UNIX pcuser:
cluster1::*> sectrace trace-result showVserver: vs1Node Index Filter Details Reason--------------- ----- -------------------------- ------------------------------node1 Security Style: NTFS and Access is denied. TheNT ACL requested permissions are notgranted by the ACE whileopening existing file ordirectory. Access is notgranted for: "ReadAttributes", "Read"Protocol: cifsVolume: -Share: share1Path: /volume/pathWin-User: domain1\user1UNIX-User: pcuserSession-ID: 1013872866111782917