NTFS Permission scoped to This Folder Only

-

i have netapp cifs volume serving out many shares. ntfs formatted volume root has folder in called shareroot e.g. /vol/shareroot/. in netapp world,as cifs volume , not lun, share out root create share root folders under root e.g. create more folders access \\netappfiler\admin\ share , create folders create shares netapp mgmt. tools:

  • admin   - /vol/shareroot
  • share1 - /vol/shareroot/folder1
  • share2 - /vol/shareroot/folder1

naturally, granularity break inheritance on each subfolder under /vol/shareroot/ , add our dacls see fit. various reasons (3rd part monitoring apps etc.) need leave root admin share open admins. means these admins can see share root folders shares. because of wanted add following each share root folder protect doing silly:

  • add - deny delete - folder only

i'm setting access share path (e.g. \\mynetappfiler\share1\ , works fine when click apply explorer ui seems spin through every single subfolder , file in share. add permission root folder required why go through every file when scoping s 'this folder only'? reasons ask have hundreds of these , it's time consuming. expecting ti return i'm adding entry applies single folder. 


hmm, after testing using a unicode file content supplied fsecurity:

  • cb56f6f4
    1,0,"/vol/vol_2/permissionstest/",0,"d:;d;np;0x10000;;;everyone)"

 

seems add ace , leave others intact. completes in less 1 second opposed 5 mins when using windows server , unc path add permission. can't find exact details of how fsecurity deals existing dacls though appears way go.



Windows Server  >  File Services and Storage



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more