Unix to Mixed security style change

Pkumawat

Hi All,

I created new SVM with root volume and data volumes with UNIX security style. While creating the volumes, the requirement was limited to NFS access only. Now the new requirement requires CIFS access too. I have a volume lets say volume_nfs, under that there is a qtree lets say volume_nfs_qtree. Security style for both volume and qtree is UNIX. There are no other file or folder under volume volume_nfs except volume_nfs_qtree. Currently only NFS export is configured on this volume.

Now I am thinking to change security style of qtree volume_nfs_qtree to mixed from UNIX and I will keep security style of volume volume_nfs unchanged.

Is that a right approach? I am worried what if it changes file permissions and application starts seeing issues with the file access. Please advice on this.

Thanks,

PK

TMACMD

Don’t do it. Nothing ever good comes out of using mixed mode. I call it “last one to set security wins”. And by this I mean: ONTAP only supports a single set of permissions in files/directories. Either Unix permissions or nt ACLs. Not both. I can set Unix permissions then someone can come in ABBA set an acl and restrict. Then troubleshooting security becomes a nightmare.

set up an ldap client for the svm. Make sure your Active Directory schema includes uid, number and gidnumber.

review the Netapp multi protocol tr

Unix to Mixed security style change

Join us in Vegas, September 23-25