ONTAP Discussions

How to add NTFS security rights to a CIFS share

Northman
1,648 Views

I only set this up once before and I got it to worked. I just set export rights and used the default cifs share rights. I do not recall setting any file-directory ntfs DACL.

 

Today I could not do it. I then read about it and it seems I have to:

1. Create a security descriptor

2. Create a security policy

3. Create a task to that security policy

https://docs.netapp.com/us-en/ontap/smb-admin/add-task-security-policy-file-task.html

But I get this error:
 
Error: command failed: Can't set ntfs security descriptor on a Unix File
 
Can anyone point me to the right direction? Either I am over-complicating things or I am doing something wrong.
3 REPLIES 3

TMADOCTHOMAS
1,581 Views

Your volume may be set to the default unix security style and not ntfs. Enter the command volume show -volume <volume> -fields security-style. If it says unix, you can't set NTFS permissions. The volume needs to be recreated with security style CIFS.

jaydavis
1,496 Views

When I hit a wall like this, I usually backtrack and make sure I'm not missing any steps. Double-check if you've got the right permissions and maybe simplify the setup if it's getting too complex.

Ashun
313 Views

hi

 

Based on your error message,
In my opinion, you may need to change the Security Style of the volume to unix
You can change the security type using the following command

::> volume modify -vserver  <  > -volume <  >  -security-style unix

Public