GodMother
UNIX user unable to delete data on Windows NFS share

Hi,
I am creating a new NFS share on Windows Server 2008 SP2. I have given Everyone Modify access and enabled anonymous root access.
The Unix user is able to access the share and create files/folders, but is unable to delete them.
When the Unix user creates a file, a NULL SID is added to the security of the file.
Please assist in resolving this issue.
SOLUTION
Michael Machie
Check the security settings on the Windows side to see whether delete rights have been removed to prevent accidental deletion of files, i.e. to restrict who can delete files; such users likely cannot rename files/directories either.

Access/read/write permissions are layered: the most restrictive of the NFS share permissions, how the share is mounted, and the server where the NFS share resides is what applies.
Based on your description, it seems the restriction is on the Windows server where the NFS share resides.
GodMother
ASKER
Hi Michael,

You sound correct. I am a newbie; please guide me through the steps that need to be done on the Windows side.
How do I create a mapping between Windows and Unix user IDs?
@michael: On Unix/Linux every object has a User ID (uid) and a Group ID (gid), both 16-bit, and an access mode mask.

All files in Unix have allowed access modes: Read and/or Write and/or Execute/Search.
(The Execute bit means it is a program for a file, and searchable for a directory.)
Those rwx bit masks are available for the User (UID matches), the Group (GID matches) or Others (none match).
UID is checked first, GID after that, Others last. (The UID/GID are assigned to a user in the authorisation database,
either /etc/passwd (optionally + /etc/shadow), LDAP, NIS, Kerberos...)

In the NFS for Windows layer every Windows user can and should be assigned such a UID/GID combination in AD (= LDAP + Kerberos) that is consistent with the Unix access credentials.

If they agree, that should solve the access problems. (The group may need a group SID in AD, with its gid correct.)
I am a newbie to NFS; please guide me through the steps to create a mapping between Windows and Unix users.
I do not know how to work in UNIX, so I cannot help with that part.
Which step are you asking for help with?
On Windows you define the share with its permissions.

On the UNIX/Linux box

With elevated rights you mount it where you want it mounted (/mnt/nfsshare):
mount -t nfs ipofwindowsserver:/nfssharename /mnt/nfsshare

Running df -k will now list /mnt/nfsshare with space/usage info.
Hi Arnold, please provide the steps on how to map Windows users and Unix users so that the Unix user is able to modify/delete on the Windows NFS share.
I have given full access in the NFS and NTFS permissions, but the Unix user is only able to read and create files, not delete them.
What NTFS permissions do you have?

Presumably you have SFU installed on the Windows box. Do you have centralized user management, i.e. an AD environment?

Enable auditing on the NFS share on Windows and see what events you get when a user on the Unix platform attempts to delete the file.

NTFS permissions: do you have Everyone full rights?
Be aware that by default root (0,0) is mapped to nobody (65534), nogroup (65533) on the server side of the connection.
And the userid & groupid should match; the server side validates all requests.
In the NFS protocol only the uid & gid are transferred in the requests.
(Usernames, groupnames etc. are irrelevant (translated) to access files.)

On Linux you can use 'id username' to get all the info that is relevant for access.
Those uid codes / gid codes must be known on the server.
And the accounts/groups they are assigned to should have the right settings in the file ACL.
nobody & nogroup have NO_ACCESS by definition.
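A small model of the server-side check described in the post above, added here as an example that is not part of the thread. It assumes a POSIX-style mode-bit check with root squashing to 65534/65533 (Inode, squash, permitted, can_unlink and the 0o750 export directory are constructed for illustration), not the NTFS mapping that Windows Server 2008 applies.

```python
# Constructed model: only uid/gid arrive in an NFS request; by default the server
# maps root (0,0) to nobody/nogroup (65534/65533) and then checks the rwx bits in
# the order user -> group -> others. Unlink is an operation on the parent directory,
# so "can create but not delete" hinges on the directory's bits, not the file's.
from dataclasses import dataclass

NOBODY_UID, NOGROUP_GID = 65534, 65533    # anonymous identity named in the thread
R, W, X = 4, 2, 1

@dataclass(frozen=True)
class Inode:
    uid: int
    gid: int
    mode: int        # permission bits, e.g. 0o750

def squash(uid: int, gid: int, root_squash: bool = True) -> tuple[int, int]:
    """Default server behaviour: a client's root becomes nobody/nogroup."""
    if root_squash and uid == 0:
        return NOBODY_UID, NOGROUP_GID
    return uid, gid

def permitted(node: Inode, uid: int, gid: int, want: int) -> bool:
    """Classic mode-bit check: the first matching class decides, no fallthrough."""
    if uid == 0:                       # unsquashed root bypasses mode bits
        return True
    if uid == node.uid:
        bits = (node.mode >> 6) & 0o7  # owner class wins even if more restrictive
    elif gid == node.gid:
        bits = (node.mode >> 3) & 0o7
    else:
        bits = node.mode & 0o7
    return bits & want == want

def can_unlink(parent: Inode, uid: int, gid: int, root_squash: bool = True) -> bool:
    """Delete or rename an entry: needs write+search on the directory holding it."""
    uid, gid = squash(uid, gid, root_squash)
    return permitted(parent, uid, gid, W | X)

# Constructed scenario: export directory owned by uid 1000 / gid 100, mode 0o750.
EXPORT = Inode(uid=1000, gid=100, mode=0o750)

if __name__ == "__main__":
    print(can_unlink(EXPORT, 1000, 100))                # True: owner has rwx
    print(can_unlink(EXPORT, 2000, 100))                # False: group has r-x only
    print(can_unlink(EXPORT, 0, 0))                     # False: root squashed to nobody
    print(can_unlink(EXPORT, 0, 0, root_squash=False))  # True: no_root_squash
```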
SOLUTION
Look at the group properties for Everyone. When you added SFU, I think you now have a UNIX tab there where you can add a group ID that you can match to the ID on the UNIX/Linux box for users, which I think is usually 100.
I did not get proper steps to resolve the issue. I will contact the vendor to assist with the issue. Thank you.
ASKER CERTIFIED SOLUTION
I had contacted the vendor; they provided the solution, which I have given in my comment.