Just to reassert that CIFS component of a NetApp filer is absolutely the same of every other Windows server. I often meet customers that, ignoring basic rules of assigning *share permissions* and *ntfs file system rights* try to saddle all the responsibility of their issues to something "different" in Data Ontap CIFS :-)
So, once you've create the share (FilerView, System Manager, MMC using the c:\vol\ prefix before the volume/qtree path, see what is print where the MMC reports C$ pointing to c:\vol\vol0...) and assigned the permissions to the share the only thing you have to do is to work on tab "security" of the folders/subfolders/files you will create and, obviously, for share and or for file system, to know what you're doing :-)
The default permissions on share from FilerView is Windows 2000 style, everyone full control, from System Manager there's some aesthetic bug with read/change permissions, if you give read you cannot see change and so on. The best way is to use MMC from a W2K3 server or from a Windows 7 client.
My best regards
-----Messaggio originale----- Da: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] Per conto di Holland, William L Inviato: venerdì 4 febbraio 2011 11:53 A: Chaim Rieger; toasters@mathworks.com Oggetto: RE: cifs permissions doesnt match what i see in explorer
The share permissions set the permissions for the connection to the share itself, not the folders/files beneath that share. The folder/file permsissions are set through the security tab in Windows Explorer. If you want the two to match, you have to set them in both places.
This email is UNCLASSIFIED
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Chaim Rieger Sent: Thursday, February 03, 2011 11:07 AM To: toasters@mathworks.com Subject: cifs permissions doesnt match what i see in explorer
(last question for a while)
in one of my cifs shares (and this applies to all of them) i have defined permissions as (example)
domain/group1 Full Access
domain/group2 Read Only
however when i look at the security tab in windows explorer, it does not reflect as such.
security style is the same across all the shares, (ntfs) and when i test the security by having various users access them they get access or denied based on what cifs shares state, not what is shown in explorer.
i would like to have the explorer tab match, how can i accomplish this ?