Need help with permissions and acl's
Added by nelson pereira 11 months ago
hi all,
Been using nexentastore for some time now, but Im always having to go to the CLI to do chmod and chown on my CIFS shares....
Last week I intergrated Nexentastore to my home Domain Controller (2008R2 SP1).
Every thing looks good, nexenta shows in computers and added the appliance to join domain which seems to be ok.
My problem is this. I have 2 users at home that use/store/delete/move files in and out of the 2 CIFS shares, as well as my esxi 5 host that needs NFS access to the shares.
share1/share2, when joe puts a file in a directory, jane can access the folder but cannot do anything with the file, nor can she download it... (problem #1) and vice versa
Share2, esx host can mount the share but cannot see any folders created by either jane or joe.
Can someone explain how my shares should be configured as far as ACL?
I want esxi, joe and jane to have access to all files and folders of each other and be able to create and delete things and have other users see the newly added files and be able to delete them also.
P.S: joe and Jane are both in Domain Admins in AD.
Replies
RE: Need help with permissions and acl's - Added by nelson pereira 11 months ago
can anyone help out on this?
RE: Need help with permissions and acl's - Added by Linda Kateley 11 months ago
I have someone getting me the answer. will have it soon
RE: Need help with permissions and acl's - Added by nelson pereira 11 months ago
Thanks
Sent from my iPhone4 on IOS5
On Jun 11, 2012, at 11:15 AM, "NexentaStor.org" tracker@nexentastor.org wrote:
http://www.nexentastor.org/boards/1/topics/7231 Linda Kateley
I have someone getting me the answer. will have it soon
-- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://www.nexentastor.org/my/account
RE: Need help with permissions and acl's - Added by Linda Kateley 11 months ago
This is what i got from backline...
most likely selected "all" of the ACL permissions which doesn't do what you might think it will do.
To debug Remove all permissions for the user. Re-add the permissions with just taking the default ones that are listed in NMV and it should work.
RE: Need help with permissions and acl's - Added by anthony germano 11 months ago
I'm not using Nexenta in production yet, but this is how I set up my test CIFS shares, which seem to work as you probably expect them to...
I have a "File Share Admins" group set up in AD that I use instead of Domain Admins, but Domain Admins should work just as well.
I map the File Share Admins group to the local unix group staff, but it may be a better idea to create a different group to use instead.
I add staff to the ACL with all permissions set except the following under inherit:
- Placed on directories and indicates that ACL entries should only be inherited one level of the tree
- Placed on a directory, but does not apply to the directory itself, only to newly created files and directories
This will give your Windows group "Full Control" to the share. You can access the security tab in properties for the share in Windows and manage all settings from there.