Hi,
I got a Windows 2012 R2 with Server for NFS role installed.
My user mapping is very simple because I have only one user who has to access my NFS Share from his iSeries.
My NFS Share is defined with this commands
New-NFSShare -Name 'Tmp' -Path T:\Tmp -Authentication 'All' Grant-NfsSharePermission -Name 'Tmp' -AllowRootAccess $True -LanguageEncoding ansi -ClientName 'ISDev' -Type 'Host' -Permission 'ReadWrite'
My share is well mounted on my iSeries (ISDev)
I can create a folder or a file from my iSeries in my mounted folder.
But ...
Three NTFS rights are added to the new folder created :
FileSystemRights : DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize AccessControlType : Allow IdentityReference : Everyone IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : DeleteSubdirectoriesAndFiles, Write, ReadAndExecute, Synchronize AccessControlType : Allow IdentityReference : MyDomain\Domain users IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : FullControl AccessControlType : Allow IdentityReference : MyDomain\DEV_NFS1_DEV IsInherited : False InheritanceFlags : None PropagationFlags : None
The third right is good because DEV_NFS1_DEV is the AD user mapped to my iSeries user.
But i don't want the everyone and domain users rights !!!
Do you know what to do to have more security ?
Thank you for your help.
Ludovic.