Skip to main content
NetApp Knowledge Base

Why do I see different name mapping when using different commands

  1. Last updated
  2. Save as PDF
Views:
10
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

ONTAP 9+

Answer

Name mapping result can vary because different commands different scopes to their data flow.

  • vserver services access-check name-mapping show
    • This shows the name-mapping decision the SVM would make when translating an identity based solely on the name mapping configuration:
      • Name-mapping rules (vserver name-mapping)
      • The direction of mapping (Windows→UNIX or UNIX→Windows)
      • The input name format (DOMAIN\user vs user@domain vs plain user)
      • No lookup is being performed for the provided user or the expecting mapped user with the configured name services, outside of the mapping itself
      • Think of it as: “Given this incoming identity, what would ONTAP map it to?”
  • vserver services access-check authentication show-creds or vserver security file-directory show-effective-permissions
    • This shows the credentials/identity ONTAP actually ended up using for an authentication attempt/session context, which can include:
      • The authenticated Windows identity (SID-based) and/or UNIX identity (uid/gid)
      • The resolved UNIX user (or Windows user) after identity resolution
      • Results influenced by credential caching and the actual protocol path
      • Think of it as: “What identity and groups are being used right now for access decisions?”

Additional Information

additionalInformation_text

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.