CIFS client unable to access a CIFS share mapped to a directory below a UNIX volume with error Access Denied
Applies to
- ONTAP 9
- CIFS
- UNIX volume
Issue
- CIFS clients are unable to access a CIFS share mapped to a directory below a UNIX security-style volume.
- The client receives an Access Denied error.
-
file-directory show output:
::> vserver security file-directory show -vserver01 -path /volume01
Vserver: SVM01
File Path: /volume01
File Inode Number: 64
Security Style: unix
Effective Style: unix
DOS Attributes: 10
DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
UNIX User Id: 0
UNIX Group Id: 0
UNIX Mode Bits: 744
UNIX Mode Bits in Text: rwxr--r-- -
In an environment where Share01 that the CIFS client needs to access has for path /volume01/directory, a sectrace shows the client is denied traversing the UNIX volume path.
Node Index Filter Details Reason
--------------- ----- -------------------------- ------------------------------
Node-01 1 Security Style: UNIX Access is denied by UNIX
permissions permissions while traversing
the directory. Access is not
granted for: "Synchronize",
"Read Control", "Read
Attributes", "Execute", "Read
EA", "Read"
Protocol: cifs
Volume: -
Share: Share01
Path: /directory
Win-User: domain\user01
UNIX-User: user01