https://community.netapp.com/t5/Network-and-Storage-Protocols/How-do-I-change-a-share-s-effective-security-style-to-NTFS-on-a-volume-in-a/m-p/54469#M5043 <HTML><HEAD></HEAD><BODY><P>If you mean “effective security style of a <STRONG>file</STRONG>” – you can’t. That is how mixed security style works – it remembers last change of ACLs, so to make it remember Windows ACLs you need to do it from Windows. It may be possible to use smbclient from Unix to simulate Windows access though.</P><P></P><P>In general mixed security is almost never what people really want.</P></BODY></HTML> Thu, 07 Apr 2011 02:45:43 GMT aborzenkov 2011-04-07T02:45:43Z https://community.netapp.com/t5/Network-and-Storage-Protocols/How-do-I-change-a-share-s-effective-security-style-to-NTFS-on-a-volume-in-a/m-p/54464#M5042 <HTML><HEAD></HEAD><BODY><P>How do I change the effective security style on a CIFS share from unix:</P><P>____________________________________________</P><P>na01a&gt; fsecurity show /vol/nas01/shares/Bioarchive<BR />[/vol/nas01/shares/Bioarchive - Directory (inum 97)]<BR />&nbsp; Security style: Mixed<BR />&nbsp; Effective style: Unix</P><P></P><P>&nbsp; DOS attributes: 0x0010 (----D---)</P><P></P><P>&nbsp; Unix security:<BR />&nbsp;&nbsp;&nbsp; uid: 0 (root)<BR />&nbsp;&nbsp;&nbsp; gid: 0<BR />&nbsp;&nbsp;&nbsp; mode: 0755 (rwxr-xr-x)</P><P></P><P>&nbsp; No security descriptor available.<BR />na01a&gt;</P><P>____________________________________________</P><P></P><P></P><P>to NTFS:</P><P>____________________________________________</P><P>na01a&gt; fsecurity show /vol/nas02/shares/IT<BR />[/vol/nas02/shares/IT - Directory (inum 12249468)]<BR />&nbsp; Security style: Mixed<BR />&nbsp; Effective style: NTFS</P><P></P><P>&nbsp; DOS attributes: 0x0010 (----D---)</P><P></P><P>&nbsp; Unix security:<BR />&nbsp;&nbsp;&nbsp; uid: 0 (root)<BR />&nbsp;&nbsp;&nbsp; gid: 0<BR />&nbsp;&nbsp;&nbsp; mode: 0777 (rwxrwxrwx)</P><P></P><P>&nbsp; NTFS security descriptor:<BR />&nbsp;&nbsp;&nbsp; Owner: BUILTIN\Administrators<BR />&nbsp;&nbsp;&nbsp; Group: BUILTIN\Administrators<BR />&nbsp;&nbsp;&nbsp; DACL:<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Allow - addomain\useracctx - 0x001301bf (Modify) - OI|CI<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Allow - addomain\useraccty - 0x001f01ff (Full Control) - OI|CI<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Allow - addomain\useracctz - 0x001f01ff (Full Control) - OI|CI<BR />&nbsp;&nbsp;&nbsp; SACL:<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; All&nbsp;&nbsp;&nbsp;&nbsp; - addomain\Domain Users - 0x00050047 - OI|CI (Inherited)<BR />na01a&gt;</P><P>____________________________________________</P></BODY></HTML> Thu, 05 Jun 2025 06:57:09 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/How-do-I-change-a-share-s-effective-security-style-to-NTFS-on-a-volume-in-a/m-p/54464#M5042 sgieveach 2025-06-05T06:57:09Z https://community.netapp.com/t5/Network-and-Storage-Protocols/How-do-I-change-a-share-s-effective-security-style-to-NTFS-on-a-volume-in-a/m-p/54469#M5043 <HTML><HEAD></HEAD><BODY><P>If you mean “effective security style of a <STRONG>file</STRONG>” – you can’t. That is how mixed security style works – it remembers last change of ACLs, so to make it remember Windows ACLs you need to do it from Windows. It may be possible to use smbclient from Unix to simulate Windows access though.</P><P></P><P>In general mixed security is almost never what people really want.</P></BODY></HTML> Thu, 07 Apr 2011 02:45:43 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/How-do-I-change-a-share-s-effective-security-style-to-NTFS-on-a-volume-in-a/m-p/54469#M5043 aborzenkov 2011-04-07T02:45:43Z