CIFS users get no access or insufficient access due to share level permissions
Applies to
- ONTAP 9 and later
- SMB/CIFS
- CIFS share level permissions
Issue
- User(s) with rights to access a directory, based on file permissions, can be denied access if they don't have adequate rights to the share they are using to access it
- They could be unable to access the share, or just unable to to write or delete items in a directory where file permissions would grant them access
- File permissions can be checked using the command below
::> file-directory show -vserver vs1 -path /volname/folder1
Vserver: vs1
File Path: /volname/folder1
File Inode Number: 64
Security Style: ntfs
Effective Style: ntfs
DOS Attributes: 10
DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
UNIX User Id: 0
UNIX Group Id: 0
UNIX Mode Bits: 777
UNIX Mode Bits in Text: rwxrwxrwx
ACLs: NTFS Security Descriptor
Control:0xbf14
Owner:BUILTIN\Administrators
Group:BUILTIN\Administrators
DACL - ACEs
ALLOW-User1-0x1f01ff-OI|CI
-
Sectrace show below error:
Access is denied while mapping a share, insufficient share permission