メインコンテンツまでスキップ

エクスポートポリシーでクライアントのアクセスが制限されないのはなぜですか?

Views:
3
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

に適用されます

ONTAP 9

問題

設定は以下のとおりです。
 
TEST-01::*> cifs share show -vserver test-fs02 -instance
 
Vserver: test-fs02
Share: test
CIFS Server NetBIOS Name: TEST-FS02
Path: /test
Share Properties: oplocks
          browsable
          changenotify
          show-previous-versions
Symlink Properties: symlinks
File Mode Creation Mask: -
Directory Mode Creation Mask: -
Share Comment: -
Share ACL: Everyone / Full Control
File Attribute Cache Lifetime: -
Volume Name: test
Offline Files: manual
Vscan File-Operations Profile: standard
Maximum Tree Connections on Share: 4294967295
UNIX Group for File Create: -
 
Vserver: test-fs02
Share: qtree01
CIFS Server NetBIOS Name: TEST-FS02
Path: /test/qtree01
Share Properties: oplocks
          browsable
          changenotify
          show-previous-versions
Symlink Properties: symlinks
File Mode Creation Mask: -
Directory Mode Creation Mask: -
Share Comment: -
Share ACL: Everyone / Full Control
File Attribute Cache Lifetime: -
Volume Name: test
Offline Files: manual
Vscan File-Operations Profile: standard
Maximum Tree Connections on Share: 4294967295
UNIX Group for File Create: -
 
TEST-01::*> qtree show -vserver test-fs02 -volume test -instance
 
Vserver Name: test-fs02
Volume Name: test
Qtree Name: ""
Actual (Non-Junction) Qtree Path: /vol/test
Security Style: ntfs
Oplock Mode: enable
Unix Permissions: -
Qtree Id: 0
Qtree Status: normal
Export Policy: default
Is Export Policy Inherited: true
 
Vserver Name: test-fs02
Volume Name: test
Qtree Name: qtree01
Actual (Non-Junction) Qtree Path: /vol/test/qtree01
Security Style: ntfs
Oplock Mode: enable
Unix Permissions: -
Qtree Id: 1
Qtree Status: normal
Export Policy: testpolicy
Is Export Policy Inherited: false
 
 
TEST-01::*> export-policy rule show -instance
 
Vserver: test-fs02
Policy Name: default
Rule Index: 1
Access Protocol: cifs
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 0.0.0.0/0
RO Access Rule: any
RW Access Rule: any
User ID To Which Anonymous Users Are Mapped: 65534
Superuser Security Types: any
Honor SetUID Bits in SETATTR: true
Allow Creation of Devices: true
NTFS Unix Security Options: fail
Vserver NTFS Unix Security Options: use_export_policy
Change Ownership Mode: restricted
Vserver Change Ownership Mode: use_export_policy
 
Vserver: test-fs02
Policy Name: testpolicy
Rule Index: 1
Access Protocol: cifs
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 192.168.1.0/24
RO Access Rule: any
RW Access Rule: any
User ID To Which Anonymous Users Are Mapped: 65534
Superuser Security Types: none
Honor SetUID Bits in SETATTR: true
Allow Creation of Devices: true
NTFS Unix Security Options: fail
Vserver NTFS Unix Security Options: use_export_policy
Change Ownership Mode: restricted
Vserver Change Ownership Mode: use_export_policy
 
Windows クライアント( 192.168.2.1 ) Jumphost を CIFS 共有「 \\test-fs02\test 」に接続したあと、「 test 」フォルダの下にある「 qtree01 」フォルダを確認します。
これで、クライアントの IP アドレスが 192.168.1.x と同じサブネットではなくても、フォルダ「 qtree01 」を開くことができます

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support