Mon June 22nd 2009: I have updated it since the ACL were not 100% correct.
1. Create a new project, so that you don't change the default setting and enable the CIFS protocol, NFS is enabled by default.
2. If you want ACL/permissions to be inherited correctly then you need to alter the "Inherited ACL Behavior", which is the ZFS command "zfs set aclinherit=passthrough rpool/ROOT/b114b" for reference.
3. Create a share with all the relevant information, name, uid, group and permissions.
4. Need to set up mapping between our Solaris LDAP server and Windows AD system.
5. It is a straight mapping of LDAP <=> AD for users and groups.
6. Next edit Access ACL for the new share. I think the "Owner" should have full control.
7. Here is a full description of the letters and what they represent in windows.
8. And the final product after a few global ACL's have been added. Plus the owner of the directory should be added as well. This is because if Windows Admin creates a file then you want the owner still to have access.
9. Now lets test it.....
No comments:
Post a Comment