メインコンテンツまでスキップ

エクスポートポリシーでクライアントのアクセスが制限されないのはなぜですか?

  1. 最後の更新
  2. PDFとして保存
Views:
146
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

に適用されます

ONTAP 9

問題

設定は以下のとおりです。
 
TEST-01::*> cifs share show -vserver test-fs02 -instance
 
Vserver: test-fs02
Share: test
CIFS Server NetBIOS Name: TEST-FS02
Path: /test
Share Properties: oplocks
          browsable
          changenotify
          show-previous-versions
Symlink Properties: symlinks
File Mode Creation Mask: -
Directory Mode Creation Mask: -
Share Comment: -
Share ACL: Everyone / Full Control
File Attribute Cache Lifetime: -
Volume Name: test
Offline Files: manual
Vscan File-Operations Profile: standard
Maximum Tree Connections on Share: 4294967295
UNIX Group for File Create: -
 
Vserver: test-fs02
Share: qtree01
CIFS Server NetBIOS Name: TEST-FS02
Path: /test/qtree01
Share Properties: oplocks
          browsable
          changenotify
          show-previous-versions
Symlink Properties: symlinks
File Mode Creation Mask: -
Directory Mode Creation Mask: -
Share Comment: -
Share ACL: Everyone / Full Control
File Attribute Cache Lifetime: -
Volume Name: test
Offline Files: manual
Vscan File-Operations Profile: standard
Maximum Tree Connections on Share: 4294967295
UNIX Group for File Create: -
 
TEST-01::*> qtree show -vserver test-fs02 -volume test -instance
 
Vserver Name: test-fs02
Volume Name: test
Qtree Name: ""
Actual (Non-Junction) Qtree Path: /vol/test
Security Style: ntfs
Oplock Mode: enable
Unix Permissions: -
Qtree Id: 0
Qtree Status: normal
Export Policy: default
Is Export Policy Inherited: true
 
Vserver Name: test-fs02
Volume Name: test
Qtree Name: qtree01
Actual (Non-Junction) Qtree Path: /vol/test/qtree01
Security Style: ntfs
Oplock Mode: enable
Unix Permissions: -
Qtree Id: 1
Qtree Status: normal
Export Policy: testpolicy
Is Export Policy Inherited: false
 
 
TEST-01::*> export-policy rule show -instance
 
Vserver: test-fs02
Policy Name: default
Rule Index: 1
Access Protocol: cifs
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 0.0.0.0/0
RO Access Rule: any
RW Access Rule: any
User ID To Which Anonymous Users Are Mapped: 65534
Superuser Security Types: any
Honor SetUID Bits in SETATTR: true
Allow Creation of Devices: true
NTFS Unix Security Options: fail
Vserver NTFS Unix Security Options: use_export_policy
Change Ownership Mode: restricted
Vserver Change Ownership Mode: use_export_policy
 
Vserver: test-fs02
Policy Name: testpolicy
Rule Index: 1
Access Protocol: cifs
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 192.168.1.0/24
RO Access Rule: any
RW Access Rule: any
User ID To Which Anonymous Users Are Mapped: 65534
Superuser Security Types: none
Honor SetUID Bits in SETATTR: true
Allow Creation of Devices: true
NTFS Unix Security Options: fail
Vserver NTFS Unix Security Options: use_export_policy
Change Ownership Mode: restricted
Vserver Change Ownership Mode: use_export_policy
 
Windows クライアント( 192.168.2.1 ) Jumphost を CIFS 共有「 \\test-fs02\test 」に接続したあと、「 test 」フォルダの下にある「 qtree01 」フォルダを確認します。
これで、クライアントの IP アドレスが 192.168.1.x と同じサブネットではなくても、フォルダ「 qtree01 」を開くことができます

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.