Issue #13249 has been updated by Josh Cooper.
See also #1033, <https://github.com/grooverdan/puppet-acl>, <https://github.com/AllPlayers/puppet-acl>, and <https://github.com/avalos/puppet-acl> ---------------------------------------- Feature #13249: Windows ACL support https://projects.puppetlabs.com/issues/13249#change-97359 * Author: Josh Cooper * Status: Accepted * Priority: Normal * Assignee: * Category: * Target version: * Affected Puppet version: * Keywords: windows acl security * Branch: ---------------------------------------- Puppet's current implementation of mapping POSIX modes to Windows ACLs has some limitations. * Puppet can only assign permissions to owner and group, but it's common practice on Windows systems to set full control to Administrators, LocalSystem, and Users, which is more than can be represented in our model, without creating a local group. * Puppet doesn't support deny access control entries Puppet should support setting multiple access control entries, deny/allow aces, and inheritance. See <http://technet.microsoft.com/en-us/library/bb727008.aspx> for common permissions. Another option would be to express permissions in terms of SDDL, but that is likely overkill. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
