Software Development Kit (SDK) and API Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Software Development Kit (SDK) and API Discussions

Ask a Question

Giving permission (AD groupd access) to a Folder inside a cifs share via .Net API (or CLI)

AmjathKhan
‎2016-05-16 12:27 AM
3,193 Views

Hello All,

 

please let me know the procedure to set a particular AD group to have access to a Folder created inside of cifs Shares.

 

please do the needful.

 

With Thanks & Regards

Amjath

0 Kudos
6 REPLIES 6

AmjathKhan
‎2016-05-16 08:07 PM
3,196 Views

Hello All,

 

I need to add a AD group (read/write) access to the folder created inside the cifs shares.

 

I knew fsecurity will show the details like which are all AD groups have access to particular folder, but I want to write the details into netapp

 

please do the needful.

 

Model: FAS8020
NetApp Release 8.2.3P4 7-Mode

 

With Thanks & Regards

Amjath

0 Kudos

Jeff_Yao
NetApp
‎2016-05-27 04:26 AM
In response to AmjathKhan
3,151 Views

afaik, i dont think there's command on filer can help u do that. u have to do it on client side. maybe windows powershell can do something about it. like "cacls" cmd.

thanks 

Jeff

0 Kudos

AmjathKhan
‎2016-05-29 08:14 PM
In response to Jeff_Yao
3,124 Views

Thanks for the info, will try cacls command as well.

 

Is fsecurity apply wont help in this case by setting the .config file  ?? 

 

with Thanks 

Amjath

0 Kudos

Jeff_Yao
NetApp
‎2016-05-30 12:57 AM
In response to AmjathKhan
3,112 Views

hi, 

 

"fsecurity apply" should work as well. personally recommand you do it on client side. i recall there's a bug in "fsecurity apply". below TR includes some chapters you can read thru. checking 2.3 and 2.4. it should be helpful. 

http://www.netapp.com/us/media/tr-3596.pdf

thanks

Jeff

0 Kudos

raj_shrivastava11
‎2016-05-17 12:23 AM
3,147 Views

Hi Amjath,

 

Firstly, try to access the CIFS Share on any of your Windows Based Server/Machine. it should be accessed like "\\netappname or IP\Sharename".

 

Then Right click on a "Folder" on which you want to add the "AD Group"

 

1. In Sharing Tab --> "Everyone" should be "Full Control"

 

2. In Security Tab --> you should be able to add the "AD Group" and set the required permission and apply it.

 

3. Access the folder using that "AD Group" or by members of that AD Group.

 

Hope this helps

 

BR

Raj

 

 

0 Kudos

AmjathKhan
‎2016-05-17 12:40 AM
In response to raj_shrivastava11
3,141 Views

Hello Raj,

 

Thanks for the info, yep this is the manual way of doing that, but i want this steps need to be automated using the .net API / using the netapp cli commands.

 

please help on that.

 

dont we have any straight command to give permission to the folder with AD groups ??

I read somewhere they are saying, create new fpolicy and then using the fsecurity apply the policy to the folder. but I didnt understand the flow.

 

something like this

Create a conf file containing the following:

cb56f6f4 1,0,"/vol/vol_name/qtree_name/subdir",0,"D:P(A;CIOI;0x1f01ff;;;Everyone)"

 

Save it on your filer somewhere (example in manpage is /etc/security.conf).

Run:

fsecurity show /vol/vol_name/qtree_name/subdir

fsecurity apply /etc/security.conf

fsecurity show /vol/vol_name/qtree_name/subdir

 

With Thanks  & Regards

Amjath

0 Kudos
All Community Forums
Public