Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

Implicit Windows to UNIX name mapping fails when Windows user has upper case characters

Last Updated:

Applies to

  • ONTAP 9.x
  • Clustered Data ONTAP 8.3


Windows to UNIX name mapping fails if:

  • The Windows and UNIX user names contain uppercase characters
  • There are no explicit name-mapping rules defined for the win-unix direction.
In this case, implicit name mapping is used. When implicit name mapping is used for the Windows to UNIX direction, the Windows username is converted to all lower-case characters.

If a default UNIX user is defined in CIFS options (such as pcuser), the mapping will be shown as 'pcuser' when running diag secd authentication show-creds. If no default UNIX user is defined in CIFS options, errors similar to the following might be reported:

Filer::*> diag secd authentication show-creds -node Filer-01 -vserver testsvm -win-name TestUser

Vserver: testsvm (internal ID: 11)

Error: Get user credentials procedure failed
  [    12] Retrieved CIFS credentials via S4U2Self for full Windows
           user name 'TestUser@DOMAIN.LOCAL'
  [    12] Trying to map 'DOMAIN\TestUser' to UNIX user
           'testuser' using implicit mapping <====================== Note that the user name has been converted to all lower case
  [    13] Entry for user-name: testuser not found in the current
           source: FILES. Ignoring and trying next available source
  [    14] Using a cached connection to ldap.domain.local
**[    15] FAILURE: User 'testuser' not found in UNIX authorization
**         source LDAP.
  [    15] Entry for user-name: testuser not found in the current
           source: LDAP. Entry for user-name: testuser not found in
           any of the available sources
  [    16] Unable to map 'DOMAIN\TestUser'. No default UNIX user
  [    16] Name mapping for Windows user 'DOMAIN\TestUser' failed.
           No mapping found

Error: command failed: Failed to get user credentials. Reason: "SecD Error: Name mapping does not exist".

Scan to view the article on your device

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support