Share via


NFS: Folders that are shared by using both the SMB and NFS protocols should use mapped accounts

Updated: February 2, 2011

Applies To: Windows Server 2008 R2

This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the File Services Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer.

Operating System

Windows Server 2008 R2

Product/Feature

File Services

Severity

Error

Category

Configuration

Issue

A folder that is shared by using both the Server Message Block (SMB) protocol and the Network File System (NFS) protocol has Anonymous logon or Unmapped Unix User Access (UUUA) enabled.

Impact

Users might not be able to access the same files by using the SMB protocol as they can by using the NFS protocol.

Resolution

Use Share and Storage Management to configure Services for Network File System to use an appropriate identity mapping solution for mapping Windows accounts to non-Windows accounts.

Access to file servers that are running the Windows operating system requires user and group identities in Windows. However, NFS access is based on UNIX-style user and group identities. To enable users to access NFS shares, you can set up identity mapping. Services for NFS can retrieve identity mappings from Active Directory Domain Services if the schema includes the appropriate UNIX-style identities.

Membership in the Administrators group is required to complete this procedure.

To configure identity mapping by using Share and Storage Management

  1. In Administrative Tools, click Share and Storage Management.

  2. In the Actions pane, click Edit NFS Configuration.

  3. In Services for NFS Configuration, click Select an Identity Mapping Solution, and then click Identity Mapping Wizard.

  4. In Identity Mapping Solution, click Retrieve identity mappings from Active Directory, and then proceed through the wizard.

Additional references

Specify How Server for NFS Obtains Windows User and Group Information (https://technet.microsoft.com/en-us/library/cc754514.aspx)