Skip to main content
Start a Conversation

This post is more than 5 years old

Solved!

Go to Solution

BalajiPaladugu

85 Posts

48909

August 24th, 2012 13:00

How to set CIFS share permissions

Hello

I want to set cifs share permissions for a user group. How to do that.

dynamox

9 Legend

 • 

20.4K Posts

August 24th, 2012 17:00

by default you have to be domain admin to connect to the CIFS server, you can set this parameter which will allow the account that joined the CIFS server to add to be added to the local administrator group on the CIFS server.

Question: Some alternative ways to manage the CIFS server from Windows Management console by non-Domain Administrators
Environment: Product: Celerra Network Server (CNS)
Environment: EMC SW: NAS Code All
Environment: Protocol: Server Message Block (SMB)
Environment: Protocol: Common Internet File System (CIFS)
Problem: Get "Access is denied" error when connect to the CIFS server from Windows Management console by non Domain Administrators.
Root Cause: Sometimes the customer who manages the Celerra is not a member of the "Domain Admins" groups. As a result, they cannot manage the shares, permissions or local groups when connecting to the CIFS server from Windows management console due to a rights issue.
Fix:

Use one of the following ways if Domain Admins are not reachable:

  • Enable the cifs.djAddAdminToLg parameter before join the CIFS server to domain (for new CIFS server to be created):

    $ server_param -f cifs -m dja AddAdminToLg -v 1

    This enables the user performing the join to be automatically added to the CIFS server's Administrators Local Group when joining a CIFS server to the domain.

  • Enable local users for existing CIFS server (which is allowed when the CIFS server is already joined to the domain):

    $ server_cifs -add compname= ,domain= ,local_users

    Then you will be prompted to type the initial password of the local Administrator. You must change the initial password using Windows Security(ALT-CTRL-DEL)-> Change Password, and enter "Administrator" for "User name:" field, the CIFS server's IP address for "Log on to:" field before accessing the CIFS server using the local Administrator account.

    Once this is done, you need to establish a connection to the CIFS server by the local Administrator account in Windows cmd:

    net use \\ \C$ /user: \Administrator

    Then you you will be able to connect to the CIFS server from the Windows Management console and perform administrative operations like adding the Celerra administrators in domain to the local Administrators group of the CIFS server.

dynamox

9 Legend

 • 

20.4K Posts

August 24th, 2012 15:00

Use computer management MMC, connect to the CIFS server and manage permissions.

BalajiPaladugu

85 Posts

August 24th, 2012 17:00

yes this is a new cifs server and  is joined to AD, should I be a domain admin to set the permissions or a cifs server local admin?

I've connected to the cifs server from my local work station using computer management ---> connect to remote system

dynamox

9 Legend

 • 

20.4K Posts

August 24th, 2012 17:00

if that CIFS server is joined to AD, your account does not have sufficient privileges. Is this a brand new CIFS server ?

BalajiPaladugu

85 Posts

August 24th, 2012 17:00

Thanks dynamox.

BalajiPaladugu

85 Posts

August 24th, 2012 17:00

I get error5: Access is denied when I got to connect to a remote computer(cifs server) and click on shares.

BalajiPaladugu

85 Posts

August 24th, 2012 18:00

How to disable the local users enabled from the above procedure?

dynamox

9 Legend

 • 

20.4K Posts

August 24th, 2012 19:00

i don't think you can without unjoining the CIFS server from AD. You just need to set this parameter

server_param -f cifs -m dja AddAdminToLg -v 1

and join the CIFS server to add, your account will be automatically added tot he admin group. You don't need to enable local groups.

BP-SAN

13 Posts

November 26th, 2015 22:00

Hi ,

After doing MMC to one of the CIFS server,Which is residing on celerra.

I could able to login . But when I am going to ->system tools->shared folders->open files On this server- we get the below error (attached) while trying to open "open files"

Error:

"Following error occurred while reading the list of files opened by the windows client

Error:1726 The remote procedure call failed"

That CIFS server is there on DM3, Apart from this server whichever are there on DM3 from all I can able open "opne files".

Some issue is there with this CIFS server only

Please suggest what could be the issue.

Regards

MasudError_pop-up.JPG.jpg

Rainer_EMC

4 Operator

 • 

8.6K Posts

November 30th, 2015 07:00

Please make sure that the account your are using is a member of the local Administrators group of that CIFS server.

You can also check if the server_cifs CLI command to list the open files works

see the man page for server_cifs or the CIFS manual for details on the audit option.

If the CLI works then your problem is not with the CIFS server but rather your local config on the Windows / user site.

If the problem then still persists please open a service request

Rainer_EMC

4 Operator

 • 

8.6K Posts

November 30th, 2015 07:00

P.S.: I would suggest to open a new post for a new topic instead of adding to a post from 3 years ago that was about a different topic

Was this post helpful?

View All

No Events found!

Top