Skip to main content
NetApp Knowledge Base

Why do NTFS ACLs take so long to apply across my directory structure?

Views:
483
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9
  • CIFS

Answer

  • Permissions applied by a client machine across the SMBx protocol must first be read and then modified in separate SMBx calls.
  • This process is basically serial at the client end, each file or directory being applied one by one instead of against multiple files or directories at the same time.
  • As the number of files and directories increase, so too does the amount of time it takes to apply permission changes.
  • When the number of files gets into the Millions application of the permissions may take days or even weeks.
    • Short answer: the process will take as long as it takes.

Additional Information

  • Some admins have inquired as to whether it would be faster to set the permissions from the Storage directly. 
  • The answer to that is “No, the application of the permissions will generally take the same amount of time even if ONTAP is performing the application of the permissions via ClI/API calls.”
  • Furthermore, performing that level of permissions applications from ONTAP has much greater risk of causing issues, including perofrmance impacts and possibly panicking the Filer.
  • NetApp Support does not recommend applying permissions from ONTAP except in circumstances where there is no other option, like when there are no valid permissions in the location.
NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.