Apply security descriptors on files and directories defined in a policy to a Vserver
Applying a security policy to a Vserver is the last step to creating and applying NTFS ACLs to files or folders. A security policy contains definitions for the security configuration of a file (or folder) or set of files (or, folders). The policy is a container for tasks. A task associates a file/folder path name to the security descriptor that needs to be set on the file/folder. Every task in a policy is uniquely identified by the file/folder path. A policy cannot have duplicate task entries. There can be only one task per path.
The steps to creating and applying NTFS ACLs are the following:
This step associates the policy with a Vserver.
A policy task refers to a single operation to apply to a file (or folder) or to a set of files (or folders). Amongst other things, the task defines which security descriptor to apply to a path.
The following example applies a security policy named “p1” to Vserver vs0.
cluster1::> vserver security file-directory apply -vserver vs0 -policy-name p1