I understand this for Openfiler Shares (like /mnt/vg1/vol1/users/ in my example below), but is this also true of subfolders created within shares? I know they automatically possess the same ACL as the root share, but can this be changed as with normal windows shares?
Thanks Rafiu -----Original Message----- From: Rafiu M. Fakunle [mailto:[EMAIL PROTECTED] Sent: Thursday, August 30, 2007 2:10 PM To: Dilley, Chris Cc: [email protected] Subject: Re: [OF-users] Not able to add domain user to subfolder ACL ----- "dilley chris" <[EMAIL PROTECTED]> wrote: > Hello everyone > > I have an new test installation of Openfiler 2.2.r1166-1-1 configured > to > authenticate with my 2003 AD and am able to see my AD users and > group. > I have a single share (/mnt/vg1/vol1/users/) configured with > controlled > access, pg=domain admins, ro=domain users. When I browse and > authenticate (as a domain admin) to this share from a windows XP > system > I can see this share and create subfolders and files. > > The problem comes when I attempt to give further ACL's to these > subfolders and files like I would any other Windows share. Opening > the > Security Properties on them (again from Windows XP) I attempt to add > a > user or group and configure ACL's for them. In the 'Select Users or > Groups' window I only have the choice of the OpenFiler server in the > 'From this location' which will not recognize any of my AD users or > groups. > > Should OpenFiler work this way? It is not expected that an admin would try to administer shares, access control included, from any other management tool. Even if you were to successfully set ACLs to subfolders, they'd be overwritten the next time group access control is modified from within the OF interface. If you require such fine-grained access control, then you should export disk blocks from Openfiler via iSCSI, mount, and create CIFS shares within your Windows server infrastructure which can then be exported to clients. > > Thanks for any help you can provide. > > Chris -- R. _______________________________________________ Openfiler-users mailing list [email protected] https://lists.openfiler.com/mailman/listinfo/openfiler-users
