Unable to mount NFS export when client does not match any export-policy rules

Last updated

Apr 30, 2025
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 691

Visibility:: Public

Votes:: 1

Category:: ontap-9

Specialty:: nas

Last Updated:: 4/30/2025, 12:53:54 PM

Applies to

ONTAP 9
NFS
CVO

Issue

NFS clients are unable to mount the exported volume or qtree
Client error: Permission denied and/or access denied by server while mounting and/or mount.nfs: Operation not permitted
Running the export-policy check-access command shows that the client was denied on Rule Index 0

Example Volume:

::*> export-policy check-access -vserver vs_name -volume vol_name -client-ip 10.41.xx.xxx -authentication-method sys -protocol nfs3 -access-type read-write Policy Policy Rule Path Policy Owner Owner Type Index Access ----------------- ---------- --------- ---------- ------ ---------- / default svm_root volume 11 read /oracle oracle_policy oracle volume 0 denied 2 entries were displayed.

Example Qtree:

::> export-policy check-access -vserver shruti -volume test_asa -client-ip 10.216.41.xx -authentication-method sys -protocol nfs3 -access-type read-write -qtree test_asa_qtree Policy Policy Rule Path Policy Owner Owner Type Index Access ----------------------------- ---------- --------- ---------- ------ ---------- / test1 shru_svm_root volume 1 read /test_asa default test_asa volume 5 read /test_asa/test_asa_qtree qtree_policy test_asa_qtree qtree 0 denied 3 entries were displayed.