ONTAP is unable to map a unix user to a Windows user from a trusted domain over a one-way trust
Applies to
- Clustered Data ONTAP
- ONTAP 9
- Microsoft Active Directory (AD) configured with a one-way trust
Issue
ONTAP is unable to map a UNIX user to a Windows user from a trusted domain over a one-way trust. This will typically occur when a UNIX user via NFS is accessing an export, volume, or file that is NTFS security style. If only a one-way trust exists, this mapping will fail to occur.
ONTAP will first authenticate the UNIX user and then proceed to build the Windows credential via S4U2Self (fallback to Token Groups) |