Skip to main content

NetApp_Insight_2020.png 

NetApp Knowledgebase

7MTT Precheck 20504 - Share-level ACLs for UNIX users or groups

Views:
73
Visibility:
Public
Votes:
0
Category:
data-ontap-8
Specialty:
cifs
Last Updated:

Applies to

7-Mode Transition Tool (7MTT)

Description

The 7-Mode Transition Tool (7MTT) does not support the transition of an Access Control List (ACL) at the level of CIFS shares for UNIX users and groups.

Precheck 20504: The following CIFS shares have share-level ACLs set for UNIX users or groups.

How does this feature work on Data ONTAP 7-Mode?
When you create a CIFS share, Data ONTAP creates a default ACL for the share with full control permissions. To manage CIFS share ACLs, run the cifs access command:
fas2220cl1-ams1*> cifs access
 
Usage:
         cifs access <share> [-g] <user|group> <rights>
         cifs access <share> -m
         cifs access -delete <share> [-g] <user|group>
         cifs access -delete <share> -m
                 rights can be Unix-style combinations of r w x -
                 or NT-style "No Access", "Read", "Change", and "Full Control"

How does this feature work on clustered Data ONTAP?
A share-level ACL consists of a list of Access Control Entries (ACEs). Each ACE contains a user or group name and a set of permissions that determine user or group access to the share, regardless of the security style of the volume or qtree containing the share.

Setting up file access using SMB: When an SMB user attempts to access a share, Data ONTAP always checks the share-level ACL to determine whether access should be granted.

Risk: An ACL is a list of ACEs. Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee. An ACL is created for secure access to data, and any flaws can result in a data compromise.

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support