0 Replies Latest reply: Jan 20, 2014 8:39 AM by BTANSECO1 RSS

Permissions for Mounted Qtrees using LDAP authentication

BTANSECO1 Novice
Currently Being Moderated

Hello,

 

We have a FAS3240 that is using LDAP (OpenLDAP) for authentication to the network shares. One item we've noticed that we can rename a mounted directory. We would like to prevent this from being a possibility.

 

If we remove the group ownership, the directory isn't visible when attempting to mount.

 

For example:

 

drwxrwx---  16 root     bt            4096 Nov 21  2012 pws-de

 

The pws-de mount is owned by root:bt. bt is an LDAP group.

 

My user is a member of bt so that when I go to Finder > Go > Connect to Server and do: smb://share/PHRG/ and authenticate, I see a list of available Qtrees that I have access to in Finder.

 

The problem is, if I single click on the pws-de directory, I have the ability to rename. I need to allow the ability for write access to directories & files within pws-de, but prevent the pws-de directory from being renamed.

 

Any suggestions on how to lock this down is greatly appreciated?

 

Thanks

More Like This

  • Retrieving data ...

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points