Guys,
I've got a strange problem with a CIFS share on a cDOT 8.3 system. It's a small 2250 with some NFS storage for ESX and one volume with a single CIFS share.
The local admin to making changes to permissions and managed to lock himself out completely. The top level share name is /MIS, and we can get into sub-folders (luckily!) but can't actually map the top level any more.
I've opened a ticket, and I'm reading the man pages at:
https://library.netapp.com/ecmdocs/ECMP1196891/html/GUID-3D32772D-B4E8-4497-...
but I'm hesitant to make changes. So here's some example info:
ntap_019::*> vserver security file-directory show -vserver filestorage -path /MIS
Vserver: filestorage File Path: /MIS Security Style: ntfs Effective Style: ntfs DOS Attributes: 10 DOS Attributes in Text: ----D--- Expanded Dos Attributes: - Unix User Id: 0 Unix Group Id: 0 Unix Mode Bits: 0 Unix Mode Bits in Text: --------- ACLs: NTFS Security Descriptor Control:0x9504 Owner:BUILTIN\Administrators Group:BUILTIN\Administrators DACL - ACEs ALLOW-FOO\MIT Admins-0x1f01ff-OI|IO
ntap_019::*> vserver security file-directory show -vserver filestorage -path /MIS/UserDrives
Vserver: filestorage File Path: /MIS/UserDrives Security Style: ntfs Effective Style: ntfs DOS Attributes: 10 DOS Attributes in Text: ----D--- Expanded Dos Attributes: - Unix User Id: 65534 Unix Group Id: 65534 Unix Mode Bits: 0 Unix Mode Bits in Text: --------- ACLs: NTFS Security Descriptor Control:0x8504 Owner:FOO\someone Group:FOO\Domain Users DACL - ACEs ALLOW-FOO\MIT Admins-0x1f01ff-OI|IO (Inherited)
And since I'm a Linux/Netapp admin with limited understand of NTFS or Windows, I'm wondering what I can do to fix the permissions, or at least be able to open things up so that we can go in and fix it properly.
I have tried setting up a 'vserver security trace filter create ...' but it never seemed to give me any results back. Is there any simple way I can just change the top level permissions to make them WIDE open, so they can be modified again?
I even tried creating a new share, thinking that it was a share level issue, but it looks more like it's an NTFS permissions issue, which is why I'm stuck.
Thanks, John