Cifs, Cifs acl support, Access control list support in containers – Dell PowerVault DR2000v User Manual
Page 22
NOTE: If you want to do a mount on AIX, you must set the nfs_use_reserved_ports and portcheck parameters first.
The parameters cannot be set to 0. For example: root@aixhost1 / # nfso -po portcheck=1
root@aixhost1 / # nfso -po nfs_use_reserved_ports=1
CIFS
The Common Internet File System (CIFS) remote file access protocol is one supported by the DR Series system, and is
also known as a Server Message Block (SMB). SMB occurs more commonly than the Network File System (NFS)
protocol on systems that run the Microsoft Windows operating system. CIFS allows programs to request files or services
on remote computers.
CIFS also uses the client-server programming model, whereby the client requests access to a file or passes a message
to a program running on the server. Servers review all requested actions and return a response. CIFS is a public (or
open) variation of the SMB that was originally developed and used by Microsoft.
NOTE: The DR Series system currently supports version 1.0 of the Server Message Block (SMB).
NOTE: For details on CIFS feature restrictions, see the
Dell DR Series System Interoperability Guide
, at
support.dell.com/manuals.
CIFS ACL Support
The DR Series system software supports the use of access control lists (ACLs) for CIFS and share-level permissions. By
definition, an ACL is simply a list of permissions that can be associated with any network resource.
Each ACL can contain access control entries (ACEs) that define or describe the permissions for an individual user or a
group of users. An ACL can consist of zero (meaning that all users have access) or a number of ACEs that define specific
permissions on a per-user or per-group basis.
NOTE: If an ACE list is empty (meaning that it contains zero entries), this means that all access requests will be
granted.
An ACL describes the entities that are allowed to access a specific resource. ACLs are a built-in access control
mechanism in the Windows operating systems.
NOTE: The DR Series system supports setting up share-level permissions for a CIFS share using a Microsoft
Windows administrative tool. Share-level permissions let you control access to shares. For more information, see
Configuring Share-Level Security
NOTE: Any user that is part of BUILTIN\Administrators can edit ACLs on CIFS shares. The local DR Series system
administrator is included in the BUILTIN\Administrators group. To add additional domain groups to the BUILTIN
\Administrators group, you can use the Computer Manager tool on a Windows client to connect to the DR Series
system as Domain administrator and add any groups you want. This capability allows users other than the Domain
administrator to modify an ACL as needed.
Access Control List Support in Containers
All new containers apply a default Access Control List (ACL) at the root of the container. This default ACL is the same as
that which would be created by a Microsoft Windows 2003 Server. Therefore, these new containers with the default ACL
support the following permission types:
22