- 최신
- 최다 투표
- 가장 많은 댓글
Hello,
You can control permissions on the SMB file share granularly using NTFS ACLs from Windows explorer or using PowerShell.
-
To prevent users to change/grant permissions to other domain users, you would need to ensure those AD user/group are not granted
Change Permissions
orFull Control
NTFS permissions on specified file/folder. However, please note that the owner of the file/folder can always change permissions for themselves or grant permissions to others regardless of any existing permissions on that file/folder. Please refer here for additional information. -
With robocopy command, please ensure that you are using /S flag to copy NTFS ACLs. You can use the following robocopy command which would copy data, attributes, timestamps, NTFS ACLs and ownership information. Please refer here for more information.
robocopy Y:\ Z:\ /copy:DATSO /secfix /e /MT:8
Additional references:
https://docs.aws.amazon.com/filegateway/latest/files3/best-practices-copying-files-on-windows.html https://docs.aws.amazon.com/filegateway/latest/files3/smb-acl.html https://docs.aws.amazon.com/storagegateway/latest/APIReference/API_CreateSMBFileShare.html#StorageGateway-CreateSMBFileShare-request-AdminUserList
관련 콘텐츠
- AWS 공식업데이트됨 2년 전