Thursday, June 11, 2009

Access Denied when Administering NetApp root volume with Microsoft Client for NFS

Symptom Brief Description:
You receive an access denied message when attempting to use the Microsoft Client for NFS to modify files on a NetApp root volume.
Problem:
Administering a NetApp filer requires the ability to modify certain files contained in the /etc directory of the root volume. The files are modifiable from a linux computer connected to the export, but not from a Windows computer.
Symptom:
  • Cannot create a new file in the /etc directory
  • Cannot modify a file in the /etc directory
Solution:
The NetApp filer will only allow modification from a client with a UID of zero. Make the following registry changes to force the Microsoft Client for NFS to use the correct UID. This may cause problems accessing other resources if you use a UID mapping service within your organization.
Set or create the following DWORD (32-bit) values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default
Name: AnonymousGid
Data: 0
Name: AnonymousUid
Data: 0
You may also need to set the following value depending on the configuration of your NetApp OnTap operating system.
Name: UseReservedPorts
Data: 0
Restart the Client for NFS service (or your machine). Reconnect the mount using syntax similar to:
mount toaster:/vol/root r:
Type ‘mount’ and ensure the properties show UID=0, GID=0.

You may need to use the "-o nolock" option in the mount command to get writes to succeed.

No comments:

Post a Comment