The Windows security model is based primarily on object rights, which involve the use of a Security Descriptor (SD) and its ACL. When an SMB policy is selected, changes to the mode bits from the NFS protocol are ignored.
Access to a file system object is based on whether permissions have been set to Allow or Deny using an SD. The SD describes the owner of the object and group SIDs for the object along with its ACLs. An ACL is part of the security descriptor for each object. Each ACL contains access control entries (ACEs). Each ACE in turn contains a single SID that identifies a user, group, or system unit and a list of rights that are denied or allowed for that SID.
The Windows security model uses the SMB ACL for both protocols. When there is a request for NFS access, the Windows credential that is built from the DC/LGDB is used to check the ACL for permissions. When SMB ACL permissions are changed, NFSv3 UNIX mode bits or NFSv4 ACLs are updated. NFSv3 UNIX mode bits or NFSv4 ACL permission changes are denied.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\