We were thinking that if we could make the dot files "hidden" and "system", that that would help, even though CIFS users can override and see hidden files if they want.
...or system files, for that matter.
I'll use the netapp dump utility to dump the prototype dir to a file. When I create a user, I'll use the netapp restore to bring back the prototype directory, chown the files to the new user, overwrite the .forward, and mv the prototype into place as the user's home dir. This preserves any CIFS hidden attributes, I presume.
The filer "dump" saves, and the filer "restore" restores from a filer dump, CIFS attributes.
It looks like restore always restores back to the original location of the dumped directory. Is it possible to get restore to restore elsewhere? We're running NetApp Release 4.3.1.
From the 4.3.1 "na_restore(1)" man page:
The following characters may be used in addition to the letter that selects the function desired.
...
D By default, files will be restored into the directory from which they were dumped. If the D option is speci- fied, the next argument to "restore" is the full absolute pathname of a directory into which the files should be restored.
(a/k/a the "we don't have a notion of 'current directory', hence no notion of a 'cd' command, so this is the substitute" option).