The current situation is a bit confusing, I read the documentation about cifs access share [-g] user rights and cifs access -delete share [-g] user, but as it’s a production server, this why I need your assistance to create a script that:
Remove all the permissions (whatever they are, Read,Modify or Full control) on all USERS SHARES. Remove any users, any groups from SHARE permissions
Grant full control to each user to his own folder (personnal share)
This is optionnal, I want to do the same as #1 but for NTFS permissions
You should probably look at the NetApp management SDK for these kind of activities. SDK is available at http://support.netapp.com for download. The commands and procedures would depend on the languagae that you use. Roughly, the workflow would look like :
1. Create a list of sharenames that you are targeting ( This is required so that you dont mess up with other existing shares)
2. Loop through each item in the list, and get the ACL on the share. This can have mutiple entries, so another nested loop is needed here
3. Loop through each ACE, and delete it
4. After finishing all entries in step3, create an ACE for the desired user (which is hopefully the same as the sharename)
5. repeat and finish loop1.
for the last item in your message, download the secedit tool from http://mysupport.netapp.com/NOW/download/tools/secedit/ and create a text file with the ACLs. You can then copy that file into the vol0/etc, and run "fsecurity apply <filepath>" to apply the DACLs on your qtrees/volumes.
If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO. Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.