Nasuni Edge Appliance Initial Configuration Guide 8.3 48
Accessing Volumes Folder and File Access Permissions in Windows
Folder and File Access Permissions in Windows
Special default permissions are applied to these folders and files:
• .nasuni
• .nasuni/sync_logs/
• Files in .nasuni/sync_logs/
• .nasuni/av_violations/
• Files in .nasuni/av_violations/
• .nasuni/file_alerts/
• Files in .nasuni/file_alerts/
• .nasuni/audit/
• Files in .nasuni/audit/
Caution: Do not change the permissions on these folders or files unless it is absolutely
necessary. Use caution when changing any permissions. Incorrect permissions can
cause problems in access and processing.
Tip: To access the hidden .nasuni directory on an SMB share, you must be an administrative
user. To specify an administrative user, on the Nasuni Edge Appliance, select General
Settings from the Configuration menu, then specify an Administrative User.
In addition, this hidden directory must be visible on the client machine. For example, in
Windows, “Show Hidden Files, folders, and drives” must be enabled, and “Hide protected
operating system files” must be disabled.
Alternatively, you can use the File System Browser to view the .nasuni directory and its
contents. On the File System Browser page, you must select “Show Hidden Files”.
In Windows, using Active Directory security, all users have Read permission for all files and all folders
under the topmost
.nasuni folder. However, unless a user also has Read permission for the
topmost
.nasuni folder, that user cannot access any of those files or folders under the
topmost
.nasuni folder. By default, only a Filer Administrator has Read permission for the
topmost
.nasuni folder. If a Filer Administrator wants to allow a user to view the files, the Filer
Administrator should change the permission on the topmost
.nasuni folder for that user.
Tip: In Windows, if a folder gives permission to the group “Everyone”, unprivileged users might
not be able to access the folder. Instead, Nasuni recommends that you assign users to
another group that has the desired permission for the folder.
Tip: If you are using Active Directory authentication and your Nasuni Edge Appliance is joined to
an Active Directory server that has Windows Server 2012 domain controllers, and the
following conditions occur:
• The Windows Server 2012 domain controller has Resource SID compression enabled,
• The client accesses the Nasuni Edge Appliance CIFS volume by hostname,
• The user client is authenticating using access to the CIFS volume based on membership
in a domain local group,
then the user is denied access to the CIFS volume.
To Next Page
Loading...