I'm starting to migrate NTFS data from an old emc san to a netapp 3020. Ive created a volume with ntfs security and created a share with full permissions (everyone). If I then go to a windows machine and connect to the share to manage security, if I make additions to the security tab (like add my user account with full access), I get a warning stating "Remotely setting permissions on the folder at the root of the share removes all inherited permissions from the root folder and all subfolders. to set permissions without removing inherited permissions, clikc No and either change the permissions on a child folder or make the change while logged in locally. Do you want to continue?
I did a little looking and it seems to be the way that microsofts cifs client handles the share at a root level.
My question is... what is the recommended way to manage NTFS security on a netapp filer since there really is no windows "local" box that the share is connected to.
I didn't get notified of this response, otherwise I would've replied earlier!
My account that I'm logged in as actually doesn't have access to get to the filer... which is fine.. I can fix that on my side.
I took a screenshot of a general share managed by computer management.
So are you saying that editing the security on that share through computer management as opposed to just through the cifs share will prevent that error from happening and it will essentially be treated as a local connection?
It looks like subfolder security will be able to be modified without issue.
If you can confirm this - which I believe you pretty much did in your previous post, that would be grand!
I was able to access my filer via mmc... was fumbling the server name wrong before.
however, I get the same error when trying to remove a user and apply the changes. All the other permissions (netapp\administrator, and domain admins) are inherited permissions... so I certainly don't want those removed because then I would have no permissions!
I just wanted to complete the thread... everything is working the way I expect now. It's been a long time since I've dealt with netapp, and windows security permissions so I was a bit foggy on how everything worked. Through computer management I can now successfully edit my filter security permissions without any issues.
How does that list get generated? If I look at that file on a filer I do have access to I see a bunch of SID's. I'd be surprised if someone had to look up the sids and put them in place... unless that is how it works?