Skip to main content
NetApp Knowledge Base

CONTAP-90483: "Access Denied" to CIFS share of a SnapMirror destination with native Fpolicy enabled

Views:
12
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Issue

  • Clients encounter Access Denied when trying to access a CIFS share

Windows cannot access share You do not have permission to access "\\share" contact your network administrator to request access

  • The share path points to the root of the volume
  • A sectrace shows access is denied by FPOLICY

::*> vserver security trace trace-result show -vserver svm1-dr

Vserver: svm1

Node Index Filter Details Reason

--------------- ----- -------------------------- ------------------------------

node-01 1 Security Style: - Access is denied by the FPolicy native policy. Protocol: cifs Volume: - Share: Share Path: /volume Win-User: DOMAIN\AdminUser UNIX-User: root Session-ID: 123456789

  • The volume is a DP volume and the destination of currently synced SnapMirror relationship
  • Native Fpolicy is enabled, blocking OPEN events on files with * specified on the -file-extensions-to-include configuration
  • The user should otherwise be allowed access based on file permissions, share permissions, and export policies

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.