Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Netapp UNIX volume with CIFS and NFS shares

Posted on 2009-05-19
4
Medium Priority
?
4,503 Views
Last Modified: 2013-12-16
I have a network appliance filer running Ontap 7.3. I have a UNIX volume/Q-tree with 3.9 TB of allocated storage. I have NFS and CIFS shares pointing to the same volume. The NFS share permissions work fine. On the NFS side I am also able to limit access to certain IP addresses. On the CIFS shares, no matter what permission (ACL) I set, the shares are still open to everyone in the security domain. How do control volume access through the CIFS shares?
0
Comment
Question by:intrax-operations
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 1

Author Comment

by:intrax-operations
ID: 24434390
I realize this is a difficult question. But there must be somebody on this list that can answer it.
0
 
LVL 22

Expert Comment

by:robocat
ID: 24493774

In Filerview -> CIFS -> shares -> manage -> change access

you can manage access to the shares.

0
 
LVL 4

Expert Comment

by:lepiaf
ID: 24569688
yeah, or use the cli commands "cifs access ...".

BTW, if this qtree is unix style, the ACL's will be constructed from the unix permissions. So, you may want to change it to be ntfs security style, which means that the unix permission bits will be constructed from the ACL's instead.

Hope this helps.

Cheers,
LePiaf
0
 
LVL 6

Accepted Solution

by:
bradl3y earned 2000 total points
ID: 25910162
Using "Change Access" or the "cifs access" command will allow you to choose which users/groups have access to the cifs share, but will not effect access to individual files/directories within the share.

If all of your users currently have full access to a file they shouldn't, that means their windows user account is mapping to a unix account that has full access to the file. By default, windows accounts will automatically map to a unix account with the same name. Custom mappings can be configured via the /etc/usermap.cfg file.

There are also options on the filer that set the default user in the event that A NT user does not map to a unix user:
walf.default_unix_user
wafl.default_nt_user
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article will include the best Data Recovery Tools along with their Features, Capabilities, and their Download Links. Hope you’ll enjoy it and will choose the one as required by you.
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question