How UNIX Permissions Are Approximated by Server for NFS (262965)

MORE INFORMATION

Each file in UNIX has an associated owner and group. File permissions are then assigned to the owner of the file, the file's group, and then to all others. For example, the following sample output is the output from running the ls -l command:

   -rwxrw-r--  1 user1 staff          64 May 15 19:01 letter.txt
				

The owner of the Letter.txt file is user1; the group is staff. The following rights are assigned: In the Windows NT and Windows 2000 NTFS file system, each file also has an owner and a primary group. The primary group of a file is not used by the Win32 subsystem, but is present for programs that make use of the POSIX subsystem. When a file is created, the user who created the file becomes its owner and that user's primary group becomes the file's primary group. Access Control Entries (ACEs) are then added to the DACLs to assign permissions.

Server for NFS approximates NTFS file permissions to UNIX file permissions by using User Name Mapping Server. User Name Mapping Server allows an administrator to map users and groups in Windows NT and Windows 2000 to corresponding users and groups on a UNIX server or an NIS domain (for more information about User Name Mapping Server, please see the online Help). ACEs for the owner of the file and for the primary group of the file are then translated into the appropriate UNIX permissions for owner and group. The ACE for the built-in Everyone group is then translated into the appropriate UNIX permissions for all others. Consider the following example: The permissions are: User1 is mapped to a UNIX user also named user1. The Users group is mapped to the UNIX group named staff. A UNIX client sees the following permissions with the ls -l command:

   -rwxrw-r--  1  user1 staff          512 May 9 15:42 letter.doc