Skip to main content
NetApp Knowledge Base

No UNIX user is mapped to the Win user

Views:
248
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

ONTAP 9

Issue

  • CIFS authentication due to no UNIX user being mapped to a valid windows user
  • secd logs:

| [000.005.980] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secdGetUnixCredsForWindowsUser() at authentication/secd_rpc_auth.cpp:676

| [000.005.990] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secdLoadUnixCredsFromContext() at authentication/secd_rpc_auth.cpp:276

| [000.005.999] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secdLoadResponseFromContext() at authentication/secd_rpc_auth.cpp:396

| [000.006.009] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in secd_rpc_auth_extended_1_svc() at authentication/secd_rpc_auth.cpp:761

| [000.006.020] debug: SecD RPC Server sending reply to RPC 151: secd_rpc_auth_extended { in secdSendRpcResponse() at server/secd_rpc_server.cpp:1405 }

| [000.006.232] ERR : RESULT_ERROR_SECD_NAME_MAPPING_DOES_NOT_EXIST:6916 in getFailureCode() at utils/secd_thread_task_journal.cpp:292

| [000.006.262] ERR : Error: User authentication procedure failed
| [000.006.268] ERR : [ 5] User 'CIFSLABAdministrator' authenticated using NTLMv2 security
| [000.006.273] ERR : [ 5] Trying to map 'CIFSLABAdministrator' to UNIX user 'administrator' using implicit mapping
| [000.006.279] ERR : [ 5] Name 'administrator' not found in UNIX authorization source LOCAL
| [000.006.284] ERR : [ 5] Could not get an ID for name 'administrator' using any NS-SWITCH authorization source
| [000.006.289] ERR : [ 5] Trying to map user to the default UNIX name 'none'
| [000.006.295] ERR : [ 5] Name 'none' not found in UNIX authorization source LOCAL
| [000.006.300] ERR : [ 5] Could not get an ID for name 'none' using any NS-SWITCH authorization source
| [000.006.306] ERR : **[ 5] FAILURE: Unable to map Windows user 'CIFSLABAdministrator' to appropriate UNIX user

 

Note: Implicit mapping returns not found, default user mapping returns not found, hence user mapping fails, indicating user mapping is not configured.

  • No name mapping rule matches CIFSLABAdministrator
::> vserver name-mapping show
        Vserver        Direction Position
        -------------- --------- --------
        vserver2       win-unix  1        Pattern: cifslab\\Administrator
                                          Replacement: root
        vserver2       win-unix  2        Pattern: NFSQA-CIFS\\Administrator
                                          Replacement: root
        vserver2       win-unix  3        Pattern: NFSQA\\Administrator
                                          Replacement: root
        vserver2       unix-win  1        Pattern: root
                                          Replacement: cifslab\\Administrator
        4 entries were displayed.
  • Default unix user not configured
::> cifs options show -vserver vserver1
                                               Vserver: vserver1
                                     Default UNIX User: none
                        Read Grants Exec for Mode Bits: disabled
        Windows Internet Name Service (WINS) Addresses: 172.17.152.42

                                    Default UNIX Group:

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.