Im trying to access CIFS Shares on my 8.1.2 C-Mode simulator. I used putty and System Manager 2.1 to configure.
Following worked fine:
- created 2-node Cluster
- created vserver with CIFS
- created data LIF with IP which is ping-able
- created CIFS server and joined successfull in AD
- created NTFS Style Volume
- mounted the Volume in Namespace
- created CIFS share with everyone fullcontrol
after several searching i found this KB: https://kb.netapp.com/support/index?page=content&id=3012797&actp=search&viewlocale=en_US&searchid=1360918009502
It sayes i have to manualy create a default usermapping win-unix that i can access a CIFS Share. So i tried but still not working:
kmoscluster::> vserver cifs options modify -vserver kmosvserver -default-unix-user pcuser
kmoscluster::> vserver name-mapping create -vserver kmosvserver -direction win-unix -position 1 -pattern "*" -replacement pcuser
Error: command failed: The pattern * already exists --> why does this allready exist? so i tried this:
kmoscluster::> vserver name-mapping create -vserver kmosvserver -direction win-unix -position 1 -pattern "**" -replacement pcuser
kmoscluster::> vserver services unix-user create pcuser -id 65534 -primary-gid 65534
kmoscluster::> vserver services unix-group create pcuser -id 65534
kmoscluster::> vserver show -fields ns-switch
4 entries were displayed.
kmoscluster::vserver cifs options> show
Default Unix User: pcuser
Read Grants Exec: disabled
WINS Servers: -
kmoscluster::vserver cifs options> vserver name-mapping show
Vserver Direction Position
-------------- --------- --------
kmosvserver win-unix 1 Pattern: **
Now when i try to access a cifs share I can see the shares on my win7 but can’t open it. (asks me for username&pw but cant authenticate)
what am i doing wrong? I think there is a problem with the usermapping win-unix but no i’m lost...
with 7-Mode setting up a CIFS server was soooo easy, im a bit disappointed right now...
since you're mapping your AD-User to a Unix user with id of 65534 chances are small that the volume permissions are right.
Try changing the permissions: volume modify -vserver <Vserver> -volume <Volume> -unix-permissions 777
After that you should be able to get into the share.
Thanks for your reply.
My volumes are all NTFS security style, so I can't set UNIX permissions.
kmoscluster::> volume modify -vserver kmosvserver -volume v_cifs_data_01 -unix-permissions 777
Error: command failed: You cannot set UNIX permissions for "ntfs" security style. You can set UNIX permissions only for "unix" and "mixed" security styles.
Even if I change the volume to UNIX and set this permissions id doesn't work.
can you give me details about your export-policies and rules for those volumes? That could be the other thing preventing you from viewing your shares.
Update: Here's a description for export-policies and rules https://kb.netapp.com/support/index?page=content&id=3011272
If the volume is ntfs and you are accessing cifs share from windows host, you don't need to create any user mapping rules.
Default unix user and group is needed tough, and this is enough. Your vserver name service switch and name mapping switch should be "file" in this case (i think).
>vserver show -vserver <vserver-name>
Check the allowed protocols from the vserver and from the lif.
is ntp service running in your vserver?
If you are using default export policy and rule it should be fine, but to be sure use you can use example >volume show -vserver <vserver-name> -volume <vol-name> to check the junction path of the volume (other useful info from the volume is also in this output), and then >rule show command to make sure rules are ok for the cifs volume and all the volumes "above" it in junction path.
Thanks for your reply.
I played a bit longer around with my vserver and now i've found the Problem:
The default export policy hasn't had any rules defined in it. so i added a cifs rule to the default export policy and every thing is now working fine with cifs.