Hello all, I have a qtree that I wish to change from UNIX security style to NTFS. Experimenting on a test volume I've found that when I make the change the ownerships of all the objects are preserved*, and appropriate ACLs show up for the owners. However, Unix "group" and "other" privileges do not seem to get translated to ACLs.
Before I can proceed I really need to find a way to duplicate the group-based permissions that existed on the Unix side. I've started hacking together a script using smbcacls (the ACL utility in Samba). The idea is to set appropriate ACLs for specific groups and "Everyone" based on what the Unix mode bits used to be. Still I wonder if there's an easier way. Has anyone had a similar "challenge"?
*In our environment all Unix and Windows user IDs are identical. We use an LDAP back end for Unix authentication and for our Samba-based domain controller.
This is 7.2.1.1 on a FAS3020 in case it matters.
Thanks for any input.