Home
On Premises
ONTAP 9
Data Access
NAS
NAS KBs
NFS users have permission issues when they belong to more than 16 groups

NFS users have permission issues when they belong to more than 16 groups

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 4,279

Visibility:: Public

Votes:: 1

Category:: ontap-9

Specialty:: nas

Last Updated:

Applies to

ONTAP 9
NFS

Issue

NFS user can access some folder/files, but for other folder/files get " Permission denied".

[d3867804@hkl2016xxxx ~]$ cd /vol/lun_netapp/sasxxx_split/AMH -bash: cd: /vol/lun_netapp/sasxxx_split/AMH: Permission denied

NFS export is mounted with auth=sys
The users belong to more than 16 groups.
- Running the id command on the Linux/Unix client shows the full list of the Unix user's auxiliary groups
nfs credentials show shows that ONTAP does not have the full list of the Unix user's auxiliary groups
vserver security trace says that Access is denied by Unix permissions

auth-sys-extended-groups option is disabled on the vserver.

::> set -privilege advanced Warning: These advanced commands are potentially dangerous; use them only when directed to do so by NetApp personnel. Do you want to continue? {y|n}: y

::*> vserver nfs show -vserver vs1 -fields auth-sys-extended-groups,extended-groups-limit vserver auth-sys-extended-groups extended-groups-limit ------- ------------------------ --------------------- vs1 disabled