Guidelines for managing SMB share-level ACLs
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
![](https://docs.netapp.com/common/images/pdf-zip.png)
Collection of separate PDF docs
Creating your file...
You can change share-level ACLs to give users more or less access rights to the share. You can configure share-level ACLs by using either Windows users and groups or UNIX users and groups.
After you create a share, by default, the share-level ACL gives read access to the standard group named Everyone. Read access in the ACL means that all users in the domain and all trusted domains have read-only access to the share.
You can change a share-level ACL by using the Microsoft Management Console (MMC) on a Windows client or the ONTAP command line.
The following guidelines apply when you use the MMC:
-
The user and group names specified must be Windows names.
-
You can specify only Windows permissions.
The following guidelines apply when you use the ONTAP command line:
-
The user and group names specified can be Windows names or UNIX names.
If a user and group type is not specified when creating or modifying ACLs, the default type is Windows users and groups.
-
You can specify only Windows permissions.