Hey everyone,
we’ve just set up a Windows 2k12 system and the renaming of files and folders doesn’t work there too, so it’s not a Windows 2016 problem.
Any further ideas on how to debug this issue?
Best,
Alexander Griesser
Head of Systems Operations
ANEXIA Internetdienstleistungs GmbH
E-Mail:
AGriesser@anexia-it.com
Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt
Geschäftsführer: Alexander Windbichler
Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601
Von: Alexander Griesser
Gesendet: Freitag, 7. April 2017 20:30
An: 'tmac' <tmacmd@gmail.com>
Cc: Parisi, Justin <Justin.Parisi@netapp.com>; toasters@teaparty.net
Betreff: AW: Windows NFS Client + cDOT
Yes, I’ve set anon in the export policy for the volume it self to 0 and I’ve set the registry keys on windows for AnonymousUID and
AnonymousGID to 0 – without the registry keys, it will be „-2“ on the mount options in windows, whatever that negative value is used for…
If the permissions were wrong, I could not create files at all in the first place, I guess, right? But I can create them and they show
as UID 0 on the filer (also tested on a linux system where I mounted this volume) – and I can delete the files as well.
The only thing which is not working, is renaming and I’m not sure why it’s refusing to do so. Maybe this is a Win 2k16 thinggie? I
can try to spin up a Win2k12 system to see if this problem also persists there, that would at least rule out a misconfiguration on the filer I guess.
I did not create separate policies for the SVM root, the SVM root only gets applied the default policy here and the default policy
iss et to „ro all“, „rw never“ – as you can see below.
Best,
Alexander Griesser
Head of Systems Operations
ANEXIA Internetdienstleistungs GmbH
E-Mail:
AGriesser@anexia-it.com
Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt
Geschäftsführer: Alexander Windbichler
Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601
Von: tmac [mailto:tmacmd@gmail.com]
Gesendet: Freitag, 7. April 2017 20:24
An: Alexander Griesser <AGriesser@anexia-it.com>
Cc: Parisi, Justin <Justin.Parisi@netapp.com>;
toasters@teaparty.net
Betreff: Re: Windows NFS Client + cDOT
Not sure if this is it or not, but you have said that you set the anon ID's to 0. In this policy, it is set to 65535
Do you create separate policies for the SVM root and the data volumes?
If you do, Root could/should be allow RO to all, rw to none.
Then set the restrictions on the data volume policy.
On Fri, Apr 7, 2017 at 2:19 PM, Alexander Griesser <AGriesser@anexia-it.com> wrote:
Well, there are like 70 export policies on this SVM for 70 different volumes, I guess the policy for this volume as well as the default policy for the SVM will suffice here? If so, the export policy for this volume has already been sent earlier and here’s the default policy for this SVM:
::> export-policy rule show -vserver XXXXXXX -policyname default -instance
Vserver: XXXXXXX
Policy Name: default
Rule Index: 1
Access Protocol: nfs
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 0/0
RO Access Rule: any
RW Access Rule: never
User ID To Which Anonymous Users Are Mapped: 65535
Superuser Security Types: none
Honor SetUID Bits in SETATTR: true
Allow Creation of Devices: true
Best,
Alexander Griesser
Head of Systems Operations
ANEXIA Internetdienstleistungs GmbH
E-Mail: AGriesser@anexia-it.com
Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt
Geschäftsführer: Alexander Windbichler
Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601
Von: tmac [mailto:tmacmd@gmail.com]
Gesendet: Freitag, 7. April 2017 20:15
An: Alexander Griesser <AGriesser@anexia-it.com>
Cc: Parisi, Justin <Justin.Parisi@netapp.com>; toasters@teaparty.net
Betreff: Re: Windows NFS Client + cDOT
yes, yes..
export policy rule show -instance (please)