Figured this out with some help from you all.

We’re running 8.1 and this option is only supported 8.1.1 and onward for : https://communities.netapp.com/thread/20549

Confirmed it on a 8.2 simulator. Still needed to use registry walk and set to even see/set the option but it is there. Once you’ve set it, even in non-privileged mode it appears if you run options nfs.

Thanks to all!

Randy

From: toasters-bounces@teaparty.net [mailto:toasters-bounces@teaparty.net] On Behalf Of Rue, Randy
Sent: Thursday, March 27, 2014 2:02 PM
To: toasters@teaparty.net
Subject: nfs.authsys.extended_groups_ns.enable?

Hello All,

Trying to work around the 16 group limitation of NFS v3 on our 8.1 vfiler and finding references to a “hidden” option “nfs.authsys.extended_groups_ns.enable” that will effectively disable group lookups via auth_sys/RPC and instead look to the filer’s AD authentication for a user’s group memberships. This is similar in spirit to Isilon’s “mapuid” feature and “regular” NFS’s –manage-gid switch.

But I’ve tried in regular mode, priv set advanced and priv set diag, and I always get “No such option nfs.authsys.extended_groups_ns.enable” if I try to view or change the option.

Am I missing some step to make this hidden double-secret-probationary option available?

Randy