----- "dilley chris" <[EMAIL PROTECTED]> wrote: > Hello everyone > > I have an new test installation of Openfiler 2.2.r1166-1-1 configured > to > authenticate with my 2003 AD and am able to see my AD users and > group. > I have a single share (/mnt/vg1/vol1/users/) configured with > controlled > access, pg=domain admins, ro=domain users. When I browse and > authenticate (as a domain admin) to this share from a windows XP > system > I can see this share and create subfolders and files. > > The problem comes when I attempt to give further ACL's to these > subfolders and files like I would any other Windows share. Opening > the > Security Properties on them (again from Windows XP) I attempt to add > a > user or group and configure ACL's for them. In the 'Select Users or > Groups' window I only have the choice of the OpenFiler server in the > 'From this location' which will not recognize any of my AD users or > groups. > > Should OpenFiler work this way?
It is not expected that an admin would try to administer shares, access control included, from any other management tool. Even if you were to successfully set ACLs to subfolders, they'd be overwritten the next time group access control is modified from within the OF interface. If you require such fine-grained access control, then you should export disk blocks from Openfiler via iSCSI, mount, and create CIFS shares within your Windows server infrastructure which can then be exported to clients. > > Thanks for any help you can provide. > > Chris -- R. _______________________________________________ Openfiler-users mailing list [email protected] https://lists.openfiler.com/mailman/listinfo/openfiler-users
