0 Replies Latest reply: Jan 20, 2014 8:39 AM by BTANSECO1 RSS

Permissions for Mounted Qtrees using LDAP authentication

Currently Being Moderated



We have a FAS3240 that is using LDAP (OpenLDAP) for authentication to the network shares. One item we've noticed that we can rename a mounted directory. We would like to prevent this from being a possibility.


If we remove the group ownership, the directory isn't visible when attempting to mount.


For example:


drwxrwx---  16 root     bt            4096 Nov 21  2012 pws-de


The pws-de mount is owned by root:bt. bt is an LDAP group.


My user is a member of bt so that when I go to Finder > Go > Connect to Server and do: smb://share/PHRG/ and authenticate, I see a list of available Qtrees that I have access to in Finder.


The problem is, if I single click on the pws-de directory, I have the ability to rename. I need to allow the ability for write access to directories & files within pws-de, but prevent the pws-de directory from being renamed.


Any suggestions on how to lock this down is greatly appreciated?



More Like This

  • Retrieving data ...