Skip to main content
NetApp Knowledgebase

ONTAP is unable to map a unix user to a Windows user from a trusted domain over a one-way trust

Views:
230
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

Applies to

  • Clustered Data ONTAP 
  • ONTAP 9
  • Microsoft Active Directory (AD) configured with a one-way trust

Issue

ONTAP is unable to map a UNIX user to a Windows user from a trusted domain over a one-way trust. This will typically occur when a UNIX user via NFS is accessing an export, volume, or file that is NTFS security style. If only a one-way trust exists, this mapping will fail to occur. 


ONTAP will first authenticate the UNIX user and then proceed to build the Windows credential via S4U2Self (fallback to Token Groups)

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support