2008-11-21 01:00 PM
I would like to create home directories for users in an AD environment. Since theier home directories are capable of being seen by all users I was wondering if it supports Access based Enumeration. Also, do I need to use Windows in order to configure home directories for users? I am not clear on how home directories work on the Netapp filer interface? Any suggestions and documentation would be most helpful.
2009-01-16 05:00 AM
I would recommend yo uto use the "homedir" functionality of the NetApp System. It is very well explained in the File Access and Protocols Management Guide.
A short copy/paste:
You can specify multiple home directory paths. Data ONTAP stops searching when it finds the matching directory.
You can add an extension to the home directory path if you do not want users to access the top level of their home directories. The extension specifies a subdirectory that is automatically opened when users access their home directories.
You can specify home directory paths by editing the /etc/cifs_homedir.cfg file. You can specify up to 1,000 path names in the /etc/cifs_homedir.cfg file.
Data ONTAP creates a default cifs_homedir.cfg file in the /etc directory when CIFS starts, if the file does not already exist. Changes to this file are processed automatically whenever CIFS starts. You can also process changes to this file by using the cifs homedir load command.
2009-01-18 07:49 PM
To briefly follow-up to Peter's great response, everything about home directories is also covered on the NOW site:
If you want to share out the volume/qtree above the home directories (say you have /vol/users/mktg and /vol/users/finance in your /etc/cifs_homedir.cfg file), you can add another share called "users" but specify ABE:
cifs shares -add users /vol/users -accessbasedenum
Then ABE will be enabled and anyone who looks in the users share will only see what they have access to. Creating an upper-level share can be useful for environments with users who share folders/files between business groups.
2011-11-10 06:03 AM
I tried your suggestion, but I have one problem.
The users can see other users folders, but not accessible based on permission.
Why other users folders are visible to other users who do not have permission to it eventhough I have setup ABE as above.
NetApp filer : ONTAP 8.0.2P2