SFU3.5 and getting permissions to work

  • Thread starter Thread starter BobMarley
  • Start date Start date
B

BobMarley

I have a unix server connecting to an NFS mount point on my
Windows Server. Whenever a file is written there by the unix server,
it typically comes across as having permissions only of SYSTEM and
read. So no one is ever able to access the file

How can i have it come across so that it is a file readable by
Windows users? I thought it did that by default in earlier versions,
but maybe 3.5 changed that?
 
BobMarley said:
I have a unix server connecting to an NFS mount point on my
Windows Server. Whenever a file is written there by the unix server,
it typically comes across as having permissions only of SYSTEM and
read. So no one is ever able to access the file

How can i have it come across so that it is a file readable by
Windows users? I thought it did that by default in earlier versions,
but maybe 3.5 changed that?
Click to expand...
We use SFU 3.0 and it a major pain in the ... neck! When you
add a file or change permissions on the Unix it creates a
new Windows ACL. This means that all users/groups with
permissions on that directory and the files in it become
inaccessible on the Windows for almost all users. The new
acl seems to wipe all existing acls and since it is
theoretically inherited (don't know why) all you see in the
permissions is grey blank boxes which you can't change.

What we have to do periodically is take ownership of the
directory and all sub-directories and files and set the
permissions back again.

Though having said that, have you checked the mapping
between Windows users and groups and Unix users and groups?

Cheers,

Cliff
 
We don't do mapping.
i seem to remember never having to do it before...
I was wondering if this was a new security feature in 3.0 or 3.5

what i'd love to do is have the file created by the unix host, be
available as EVERYONE with full control.

any idea how i can do that?
 
Don't do mapping? You *have* to map at least one user or
group, don't you, to determine who has access to the files.
I guess you could map the Everyone group to the root user.

Cheers,

Clifff
 
Well, I have Windows Appliance servers running 2003 and SFU
3.0 and 2TB arrays. It comes with a web-based configuration
utility. I'm not at work at present so I can't remember what
the real name is. In there I map the Administrator and one
other user to root user and similar for groups.

I guess another thing to check would be the NFS share
permissions on the shared directories.

Cheers,

Cliff
 
If you can look monday?
I don't understand actually HOW to map..
we don't use NIS... so i guess i need a file to do it?
 
Hi Bob,

Yes, I'll look for you. Yes, it does work by files.
Specifically, a "passwd" and a "group" file.

You associate a Windows user (eg administrator) with a Unix
user (eg root). You can associate a Windows group (eg
administrators) with a Unix group, (eg root)

Please note, I am using SFU 3.0, but the principle is the same.

Cheers,

Cliff
 
i have tried 2.0, 3.0 and 3.5
i thought i didn't have to do this before but i must be thinking
windows out to unix, not unix into windows...

the other option the business analysts have suggested is having me
just allow FTP in. but that would mean installing IIS..

the reason to do this is that we have a unix host that has to drop a
file on the Windows server that everyone can read..
for some reason i just am not grasping the whole user/pw file thing,
or the format to set it in. i can't find documentation that says how
to set the files up.
 
BobMarley said:
i have tried 2.0, 3.0 and 3.5
i thought i didn't have to do this before but i must
be thinking windows out to unix, not unix into windows...

the other option the business analysts have suggested
is having me just allow FTP in. but that would mean
installing IIS..

the reason to do this is that we have a unix host that
has to drop a file on the Windows server that everyone
can read..
for some reason i just am not grasping the whole user/pw
file thing, or the format to set it in. i can't find
documentation that says how to set the files up.
Click to expand...
Um Unix is much better at talking Windows (Samba) than
Windows is talking Unix (NFS). Your Unix guys probably
already use Samba, so just give them a share to copy to.

Well that's one suggestion anyway.

You do not need IIS for an FTP site, unless you want to stay
pure Windows, and even then you could set up a script to
*pull* the Unix file off the Unix machine. There are other
FTP servers that can be installed on Windows.

I guess you know about the SFU site?

http://www.microsoft.com/windows/sfu/default.asp

Cheers,

Cliff
 
yeah i've been to the site.. and read the documentation.
i'm just not following how to do the mapping....
 
Back
Top