How to Enable NFS Extended Groups in Data ONTAP operating in 7-Mode
Applies to
- Data ONTAP operating in 7-Mode NFS
Description
While Data ONTAP operating in 7-Mode supports internally a default of 32 groups in unix credentials, there is a well known limitation in the number of group that can be present in an RPC request that uses the AUTH_SYS authentication flavour.
The specification limits the maximum number of groups that can be present in this header to 16.
Due to that, an NFS client that uses AUTH_SYS authentication will truncate the list of groups sent in each request to 16. If an access request to a file/folder depends on one of the truncated groups it will be denied.