I don't know how 7210 interface works but once you share a directory you can use any Windows client to manipulate the ACL for that share or any directories in it.
Richard Bruce wrote: > Okay, it sounds like I might have been misunderstanding something then. On a > 7210 the interface only allows ACL configuration on the share root directory. > > > Keep in mind that there are no Unix users or groups configured on the box, > and all users and groups are defined in active directory. How would we > configure the ACL's to allow only a specific active directory group full > control of the root directory of the share and hide the contents for everyone > else? > > For example, we wish to give full control of the share root directory to the > active directory defined "Group_A" in domain "ad_domain.edu". Do we define > an ACL for defined user "grou...@ad_domain.edu" with all rights except "i" > and "n"? > Yes, that's the spirit :). Note that i & n are inheritance flags not permissions/rights. As far as inheritance flags go f & d are important but of course you can use i & n as fits your requirements. These flags have the same semantics on ZFS and Windows. Afshin > Thanks again, > Richard _______________________________________________ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
