File level acl's on the file system on the volumes?
Richard D Borders CPR Escalations Engineer RTP, North Carolina USA - Network Appliance, Inc. Email: rborders@netapp.com
-----Original Message----- From: scott.belisle@americas.bnpparibas.com [mailto:scott.belisle@americas.bnpparibas.com] Sent: Wednesday, October 10, 2007 4:52 PM To: owner-toasters@mathworks.com; toasters@mathworks.com Subject: CIFS share creation security question
Quick question, is there anyway to allow AD users/groups the ability
to
create or delete cifs shares on specific volumes, but not others? Say we have an HR and Sales volume on the same filer. Each has their own IT personnel that create shares on each specific volume, but not each other's. Right now they are in the local admin group so they can theoretically do whatever they please, but we are looking for a more granular way to lock this down. Any suggestions?
Thx!
This message and any attachments (the "message") is intended solely
for
the addressees and is confidential. If you receive this message in error, please delete it and immediately notify the sender. Any use not in accord with its purpose, any dissemination or disclosure, either whole or partial, is prohibited except formal approval. The internet can not guarantee the integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will) not therefore be liable for the message if modified. Please note that certain functions and services for BNP Paribas may be performed by BNP Paribas RCC, Inc.
s subsidiaries) shall (will)=20 not therefore be liable for the message if modified. Please note that certain=20 functions and services for BNP Paribas may be performed by BNP Paribas RCC, Inc.
=20
________________________________
Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately.
------_=_NextPart_001_01C80BBD.1E200354 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:x=3D"urn:schemas-microsoft-com:office:excel" = xmlns:p=3D"urn:schemas-microsoft-com:office:powerpoint" = xmlns:a=3D"urn:schemas-microsoft-com:office:access" = xmlns:dt=3D"uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" = xmlns:s=3D"uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" = xmlns:rs=3D"urn:schemas-microsoft-com:rowset" xmlns:z=3D"#RowsetSchema" = xmlns:b=3D"urn:schemas-microsoft-com:office:publisher" = xmlns:ss=3D"urn:schemas-microsoft-com:office:spreadsheet" = xmlns:c=3D"urn:schemas-microsoft-com:office:component:spreadsheet" = xmlns:oa=3D"urn:schemas-microsoft-com:office:activation" = xmlns:html=3D"http://www.w3.org/TR/REC-html40" = xmlns:q=3D"http://schemas.xmlsoap.org/soap/envelope/" xmlns:D=3D"DAV:" = xmlns:x2=3D"http://schemas.microsoft.com/office/excel/2003/xml" = xmlns:ois=3D"http://schemas.microsoft.com/sharepoint/soap/ois/" = xmlns:dir=3D"http://schemas.microsoft.com/sharepoint/soap/directory/" = xmlns:ds=3D"http://www.w3.org/2000/09/xmldsig#" = xmlns:dsp=3D"http://schemas.microsoft.com/sharepoint/dsp" = xmlns:udc=3D"http://schemas.microsoft.com/data/udc" = xmlns:xsd=3D"http://www.w3.org/2001/XMLSchema" = xmlns:sps=3D"http://schemas.microsoft.com/sharepoint/soap/" = xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance" = xmlns:udcxf=3D"http://schemas.microsoft.com/data/udc/xmlfile" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" = xmlns=3D"http://www.w3.org/TR/REC-html40%22%3E
<head> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii"> <meta name=3DGenerator content=3D"Microsoft Word 12 (filtered medium)"> <!--[if !mso]> <style> v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} </style> <![endif]--> <style> <!-- /* Font Definitions */ @font-face {font-family:Mangal; panose-1:0 0 4 0 0 0 0 0 0 0;} @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Verdana; panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:Consolas; panose-1:2 11 6 9 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Times New Roman","serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} pre {mso-style-priority:99; mso-style-link:"HTML Preformatted Char"; margin:0in; margin-bottom:.0001pt; font-size:10.0pt; font-family:"Courier New";} span.HTMLPreformattedChar {mso-style-name:"HTML Preformatted Char"; mso-style-priority:99; mso-style-link:"HTML Preformatted"; font-family:Consolas;} span.EmailStyle19 {mso-style-type:personal-reply; font-family:"Verdana","sans-serif"; color:#1F497D;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.Section1 {page:Section1;} --> </style> <!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--> </head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 color=3D"#1f497d" = face=3DVerdana><span style=3D'font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497= D'><o:p> </o:p></span></font></p>
<div>
<p class=3DMsoNormal><font size=3D2 color=3D"#1f497d" = face=3DVerdana><span style=3D'font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497= D'>Try putting them in Power User Group of the filer</span></font><font = size=3D2 color=3D"#1f497d" face=3DCalibri><span = style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif"; color:#1F497D'><o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3D"#1f497d" = face=3DCalibri><span style=3D'font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497= D'> </span></font><font size=3D2 color=3D"#1f497d" face=3DCalibri><span = style=3D'font-size:11.0pt;font-family: "Calibri","sans-serif";color:#1F497D'><o:p></o:p></span></font></p>
</div>
<p class=3DMsoNormal><font size=3D2 color=3D"#1f497d" = face=3DVerdana><span style=3D'font-size:10.0pt;font-family:"Verdana","sans-serif";color:#1F497= D'><o:p> </o:p></span></font></p>
<div>
<div style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt = 0in 0in 0in'>
<p class=3DMsoNormal><b><font size=3D2 face=3DTahoma><span = style=3D'font-size:10.0pt; font-family:"Tahoma","sans-serif";font-weight:bold'>From:</span></font></= b><font size=3D2 face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] = <b><span style=3D'font-weight:bold'>On Behalf Of </span></b>Kevin Parker<br> <b><span style=3D'font-weight:bold'>Sent:</span></b> Thursday, October = 11, 2007 4:07 AM<br> <b><span style=3D'font-weight:bold'>To:</span></b> scott.belisle@americas.bnpparibas.com; owner-toasters@mathworks.com; toasters@mathworks.com<br> <b><span style=3D'font-weight:bold'>Subject:</span></b> RE: CIFS share = creation security question<o:p></o:p></span></font></p>
</div>
</div>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'><o:p> </o:p></span></font></p>
<pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt; font-family:"Tahoma","sans-serif";color:black'>Not without = V-filer/multistore.<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'><o:p> </o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>**Sent using wireless = handheld...<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>please excuse any typo's or = brevity**<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>Kevin Parker - NWN = Corporation<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>kparker@nwnit.com<o:p></o:p></span></font></pre><pre><font = size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>(m) 919.830.5819<o:p></o:p></span></font></pre><pre><font = size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>(o) 919.653.4489<o:p></o:p></span></font></pre><pre><font = size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'><o:p> </o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>-----Original = Message-----<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>From: "scott.belisle@americas.bnpparibas.com" = <scott.belisle@americas.bnpparibas.com><o:p></o:p></span></font></p= re><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>To: "owner-toasters@mathworks.com" = <owner-toasters@mathworks.com>; "toasters@mathworks.com" = <toasters@mathworks.com><o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>Sent: 10/10/2007 5:38 = PM<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'>Subject: CIFS share creation security = question<o:p></o:p></span></font></pre><pre><font size=3D2 color=3Dblack face=3DTahoma><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"; color:black'><o:p> </o:p></span></font></pre>
<div>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'><br> </span></font><font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt;font-family: "Arial","sans-serif"'>Quick question, is there anyway to allow AD = users/groups the ability to create or delete cifs shares on specific volumes, but not others? Say we have an HR and Sales volume on the same filer. = Each has their own IT personnel that create shares on each specific volume, = but not each other's. Right now they are in the local admin group so they = can theoretically do whatever they please, but we are looking for a more = granular way to lock this down. Any suggestions?</span></font> <br> <br> <font size=3D2 face=3DArial><span = style=3D'font-size:10.0pt;font-family:"Arial","sans-serif"'>Thx!</span></= font> <o:p></o:p></p>
<pre><font size=3D2 face=3D"Courier New"><span = style=3D'font-size:10.0pt'><o:p> </o:p></span></font></pre><pre><fon= t size=3D2 face=3D"Courier New"><span = style=3D'font-size:10.0pt'><o:p> </o:p></span></font></pre><pre><fon= t size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>This = message and any attachments (the "message") is intended solely = for <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>the = addressees and is confidential. If you receive this message in error, = <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>please = delete it and immediately notify the sender. Any use not in accord = <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>with its = purpose, any dissemination or disclosure, either whole or partial, = <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>is = prohibited except formal approval. The internet can not guarantee the = <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>integrity = of this message. BNP PARIBAS (and its subsidiaries) shall (will) = <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>not = therefore be liable for the message if modified. Please note that = certain <o:p></o:p></span></font></pre><pre><font size=3D2 face=3D"Courier New"><span style=3D'font-size:10.0pt'>functions = and services for BNP Paribas may be performed by BNP Paribas RCC, = Inc.<o:p></o:p></span></font></pre></div>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span = style=3D'font-size: 12.0pt'><o:p> </o:p></span></font></p>
<div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><font = size=3D3 face=3D"Times New Roman"><span style=3D'font-size:12.0pt'>
<hr size=3D2 width=3D"100%" align=3Dcenter>
</span></font></div>
<p class=3DMsoNormal><font size=3D1 color=3Dblack face=3DArial><span = style=3D'font-size: 7.5pt;font-family:"Arial","sans-serif";color:black'>Note: This message = and any attachments is intended solely for the use of the individual or entity = to which it is addressed and may contain information that is non-public, = proprietary, legally privileged, confidential, and/or exempt from disclosure. If you = are not the intended recipient, you are hereby notified that any use, = dissemination, distribution, or copying of this communication is strictly prohibited. = If you have received this communication in error, please notify the original = sender immediately by telephone or return email and destroy or delete this = message along with any attachments immediately.</span></font><o:p></o:p></p>
</div>
</body>
</html>
------_=_NextPart_001_01C80BBD.1E200354--