Access Rights:
There are two different methods to control NAS access rights on the VessRAID R2000 series products. One is controlled by Protocol layer and the other is by Access Control List (ACL) on file system layer. These methods are totally different in design. This document gives some Q&A regarding both Vess NAS protocol permissions and ACL permissions.
How to block all users but one or some users can read-write files in Share Disk?
ACL must be enabled to get this effect. There are two ways to configure ACL on NAS.
Method 1: Set ACL through WebPAMProE.
- Set ACL to deny for the group (usually domain users for AD) which all users belongs to it.
- Set ACL to read-write for the specific users.
See the following screen shots for step by step configuration:
Method 2: Set ACL through Windows client.
- Set "Security" to deny for the group which all users belong to it.
- Set "Security" to read-write for the specific users.
See the following screen shots for step by step configuration:
This result is that other users can access the folder and read nothing in the folder.
How many ACL (Access Control List) rules can be set on one file/folder?
- The Maximum # of ACL per file/folder is 256. ACL can apply to local user, local group, domain user and domain group.
- PS: FW (kernel) build after 2014/07/04 will support this. Ex. SR2.2 FW v1.03.0000.06 or SR2.3 FW
- Original support # is (25-4) =21 ACLs.
