User having required permissions not able to access cifs path when there is existing cifs session with old credentials
Applies to
- ONTAP 9
- CIFS
Issue
- User with all required permissions not able to access the cifs path and getting "
permission denied
" or "access is denied
" error. - User has read/write permissions on the cifs path and windows user is mapping to unix root:
cluster1::> vserver security file-directory show-effective-permissions -vserver vs1 -win-user-name domain1\user1 -path /volume/path
Vserver: vs1
Windows User Name: domain1\user1
Unix User Name: root
File Path: /volume/path
CIFS Share Path: -
Effective Permissions:
Effective File or Directory Permission: 0x1f01ff
Read
Write
Read Attributes
Write Attributes
- Sectrace shows user does not have read permissions and its mapping to unix pcuser:
cluster1::*> sectrace trace-result show
Vserver: vs1
Node Index Filter Details Reason
--------------- ----- -------------------------- ------------------------------
node1 Security Style: NTFS and Access is denied. The
NT ACL requested permissions are not
granted by the ACE while
opening existing file or
directory. Access is not
granted for: "Read
Attributes", "Read"
Protocol: cifs
Volume: -
Share: share1
Path: /volume/path
Win-User: domain1\user1
UNIX-User: pcuser
Session-ID: 1013872866111782917