vserver security file-directory apply

Apply security descriptors on files and directories defined in a policy to a Vserver

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.


The vserver security file-directory apply command applies security settings to files and directories defined in a security policy of a Vserver.

Applying a security policy to a Vserver is the last step to creating and applying NTFS ACLs to files or folders. A security policy contains definitions for the security configuration of a file (or folder) or set of files (or, folders). The policy is a container for tasks. A task associates a file/folder path name to the security descriptor that needs to be set on the file/folder. Every task in a policy is uniquely identified by the file/folder path. A policy cannot have duplicate task entries. There can be only one task per path.

The steps to creating and applying NTFS ACLs are the following:


-vserver <vserver name> - Vserver
Specifies the Vserver that contains the path to which the security policy is applied.
-policy-name <Security policy name> - Policy Name
Specifies the security policy to apply.
[-ignore-broken-symlinks {true|false}] - Skip Broken Symlinks (privilege: advanced)
If you specify this parameter as true, the file-directory apply job will skip all the symlinks that are broken instead of failing the job.


The following example applies a security policy named “p1” to Vserver vs0.

            cluster1::> vserver security file-directory apply -vserver vs0 -policy-name p1