hi,
first, i have read the whitepapers and the security docs, faqs, etc. i still have questions.
i converted qtree with user dirs from unix to ntfs.
if i look at a users home dir with secure share tool it says no acl. i look at the ntfs security perms and it says the user has full,full and that everyone has rx,rx. i understand this is coming from the unix perms that were there.
i give domain admins full control over that dir, subdirs and files. i look at it with secure share and it says root is owner [but greyed out] and there is an acl. i look at the dir and sub dirs with the nt security tab and i see domain admins full, the user full, and everyone rx,rx.
example, before creating acl
G:\o\odragan\ Owner: domain\odragan domain\nlehrer (RWX)(RWX)* domain\odragan (All)(All)* G:\o\odragan\Marti\ Owner: domain\odragan domain\nlehrer (RWX)(RWX)* domain\odragan (All)(All)* Everyone (RX)(RX) G:\o\odragan\Oksana\ Owner: domain\odragan domain\nlehrer (RWX)(RWX)* domain\odragan (All)(All)* Everyone (RX)(RX)
after
G:\o\odragan\ Owner: Administrators (lg) domain\Domain Admins (gg) (All)(All)* domain\nlehrer (RWX)(RWX)* domain\odragan (All)(All)* G:\o\odragan\Marti\ Owner: Administrators (lg) domain\Domain Admins (gg) (All)(All)* domain\nlehrer (RWX)(RWX)* domain\odragan (All)(All)* G:\o\odragan\Oksana\ Owner: Administrators (lg) domain\Domain Admins (gg) (All)(All)* domain\nlehrer (RWX)(RWX)* domain\odragan (All)(All)* ~~~~~~~~~~~~~~~~
the question is, the domain admins ace was set up when i created the acl. but, the user's ace is it still from the unix perms or from where, since i did not create it.
i have to set up ntfs acls for all copied over data so this is important. should i recreate the user's access or just leave the one that is there? i will remove the ace for everyone, but i don't understand what the user's own access represents.
any guidance would be appreciated. thanks. --