vserver security file-directory apply

Description

Applying a security policy to a Vserver is the last step to creating and applying NTFS ACLs to files or folders. A security policy contains definitions for the security configuration of a file (or folder) or set of files (or, folders). The policy is a container for tasks. A task associates a file/folder path name to the security descriptor that needs to be set on the file/folder. Every task in a policy is uniquely identified by the file/folder path. A policy cannot have duplicate task entries. There can be only one task per path.

The steps to creating and applying NTFS ACLs are the following:

• Create an NTFS security descriptor.
• Add DACLs and SACLs to the NTFS security descriptor.
  Note: If you want to audit file and directory events, you must configure auditing on the Vserver in addition to adding the SACL to the security descriptor.
• Create a file/directory security policy.

  This step associates the policy with a Vserver.

• Create policy tasks.

  A policy task refers to a single operation to apply to a file (or folder) or to a set of files (or folders). Amongst other things, the task defines which security descriptor to apply to a path.

• Apply a policy to the associated Vserver.

Parameters

-vserver <vserver name> - Vserver

Specifies the Vserver that contains the path to which the security policy is applied.

-policy-name <Security policy name> - Policy Name

Specifies the security policy to apply.

[-ignore-broken-symlinks {true|false}] - Skip Broken Symlinks (privilege: advanced)

If you specify this parameter as true, the file-directory apply job will skip all the symlinks that are broken instead of failing the job.