By setting both aclmode and aclinherit to passthrough, you can use ACL's for NFS4 and CIFS sharing on the same zfs dataset, without the ACL's being destroyed by NFS4 clients.

If you would like to map a CIFS (windows) account to an unix account, see the idmap command. "# idmap add winuser unixuser" should do the trick for you.

If you add an id mapping for a windows user to root (# idmap add administrator root), you'll be able to have root access when configuring ACL's from Windows when connected to the CIFS share with the administrator account. You can use this to configure ACL's for spesific users. Just make sure you have completed all the idmapping before setting ACL's, and keep the administrator account in the ACL.


On 08/12/2011 10:52 AM, Lanky Doodle wrote:

My S11E server is needed to serve Windows clients. I read a while ago (last 
year!) about 'fudging' it so that Everyone has read/write access.

Is it possible for me to lock this down to users? I only have a single user on 
my Windows clients and in some case (htpc) this user is logged on automatically.

So could I map a Windows user with a Solaris user (matching credentials) and 
only give (owner) access to my ZFS filesystems to this user?


zfs-discuss mailing list

Reply via email to