Richard Bruce wrote: > Okay, it sounds like I might have been misunderstanding something then. On a > 7210 the interface only allows ACL configuration on the share root directory. > > > Keep in mind that there are no Unix users or groups configured on the box, > and all users and groups are defined in active directory. How would we > configure the ACL's to allow only a specific active directory group full > control of the root directory of the share and hide the contents for everyone > else?
Hi Richard, I'm not sure if you've discovered this feature yet, but you can create ACL entries for "Named Users" and "Named Groups". When providing the name, you can add an Active Directory user or group directly to the ACL -- there's no need to establish an identity mapping rule, as you can add the AD user or group directly. > For example, we wish to give full control of the share root directory to the > active directory defined "Group_A" in domain "ad_domain.edu". Do we define > an ACL for defined user "grou...@ad_domain.edu" with all rights except "i" > and "n"? Yes. - Bill -- Bill Pijewski, Sun Microsystems Fishworks http://blogs.sun.com/wdp _______________________________________________ cifs-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/cifs-discuss
