We are currently using netapp xml auditing and enabling SACLs using Windows Explorer Client to set SACL permissions for everyone read,write, delete etc.

1) When we apply this SACL to big fillers with millions of folders and files it has to apply this recursive and take lot of time and also fails on many folders because inheritance is broken and user doesnt have permission, etc etc. Is there any way to apply this much faster at the root level of the share/volume avoiding this errors, permissions, broken inheritance,  time, and other common problems?  does "vserver security file-directory ntfs sacl modify" has the same problem? is faster?

2) Does fpolicy auditing also requires setting this SACLs on all folders/files or just enable fpolicy? how you set what operations to audit? I know windows file server requires this and most storages based on windows, but applying SACLS for larger file server is always a problem.