my recommendations is that to aviod or please dont put everyone full cifs/netapp level permission on your filers specially when your filer is in a heterogenous environment with NFS & CIFS or a multiprotocol filer (uses CIFS and NFS).. you can read more on http://media.netapp.com/documents/wp_3014.pdf (chapters 3 & 4)
for me the better way to replace the everyone full permisison is with NT AUTHORITY\Authenticated Users probably with change permission not with full..then implement a Active Directory Domain User grouping and add the group in the CIFS Level permission and create another group for security level permission.
example,
CIFS/NetApp level permission
Filer01> cifs shares Test
Test /vol/v_vol01/test
ADDomain\test_ms / Change
ADDomain\test_rs / Read
In security level permssion
Test
-- ADDomain\test_ms -- with modify permission
-- ADDomain\test_ms-- with read& execute permission
this will make sure that only the users who are member in the group can access in the share drive Test.. this is also good when you have a security audit..
Regards,
tons
