[nfsv4] Windows/NFSv4 ACL interoperability

Michael B Allen mba2000 at ioplex.com
Tue Mar 28 21:40:45 GMT 2006

On Tue, 28 Mar 2006 09:25:34 -0500
David Collier-Brown <davec-b at rogers.com> wrote:

>    I'd like to suggest that acls are presented so badly that
> they make people's brains explode (;-))

Ahh, are Windows ACLs really that bad? I agree they're difficult to
*fully* understand [1] but most people know enough to be able to safely
secure shares in a fairly fine grained way. I'm no expert but I know
enough to suspect that if your groups are well organized, actually
manipulating the ACLs is relatively straight forward (albeit somewhat
tedious).  If you inherit years of half obsolete poorly structured groups
or you're a fly-by-the-seat-of-your-pants kinda admin then you're going
to have problems regardless of what type of ACLs you're using.


[1] A good description is vital to understanding Windows ACLs. Keith
  Brown's _.NET Developer's Guide to Windows Security_ did it for me. Note
  there's not that much in there for developers - it's a very good
  text for admins as well. The whole book is available online here:

More information about the samba-technical mailing list