When a CIFS user tries to access a share, ONTAP always checks the share-level permission to determine whether access should be granted. A share-level permission consists of a list of access control en...When a CIFS user tries to access a share, ONTAP always checks the share-level permission to determine whether access should be granted. A share-level permission consists of a list of access control entries (ACEs). Each ACE contains a user or group name and a set of permissions that determines user or group access to the share. Includes read permissions and the ability to add, delete or change files or subdirectories. Can perform any and all functions on all files and folders within the share.