By setting both aclmode and aclinherit to passthrough, you can use ACL's
for NFS4 and CIFS sharing on the same zfs dataset, without the ACL's
being destroyed by NFS4 clients.
If you would like to map a CIFS (windows) account to an unix account,
see the idmap command. "# idmap add winuser unixuser" should do the
trick for you.
If you add an id mapping for a windows user to root (# idmap add
administrator root), you'll be able to have root access when configuring
ACL's from Windows when connected to the CIFS share with the
administrator account. You can use this to configure ACL's for spesific
users. Just make sure you have completed all the idmapping before
setting ACL's, and keep the administrator account in the ACL.
On 08/12/2011 10:52 AM, Lanky Doodle wrote:
My S11E server is needed to serve Windows clients. I read a while ago (last
year!) about 'fudging' it so that Everyone has read/write access.
Is it possible for me to lock this down to users? I only have a single user on
my Windows clients and in some case (htpc) this user is logged on automatically.
So could I map a Windows user with a Solaris user (matching credentials) and
only give (owner) access to my ZFS filesystems to this user?
zfs-discuss mailing list