<div dir="ltr"><div><div></div>I'm setting up an OmniOS storage server with SMB shares for AD authenticated group shares. I got Active Directory integration, and Access Based Enumeration to working, then focused on quotas. I understand, I can have user/fs, group/fs, and a generic fs quotas. <br>
<br>Originally, I was going to use a single fs with directories for the different groups, but then I found that the group/fs quota is based on the primary group in AD, which is "Domain User" for all my users, and I don't have the rights to modify this. Besides, there may be situations where a single user may have multiple group memberships with differing quotas. So, I then created nested fs's under the "group" fs and set generic quotas on those. In the end, this more accuratley accomplishes what I wanted to do but.....<br>
<br>Two bad things happened. ACL inheritance broke and ABE broke. <br><br>ACL of the nested fs reverted to the default ACL (@owner, @group, @everyone) instead of inheriting from "group". I was able to work around this by manually setting my admin account permissions on the server (could have also used root), then via windows adding the additional users/groups. But when I did this, it "rediscovered the inherited permissions from "group", so had two entries. I just deleted the non-inherited entries. It seems like I'd have to do this for every group nested fs. Is there an easier way to do this?<br>
<br></div>I also noticed that the nested fs, which shouldn't be visible because of ABE, are now visible. The security settings is properly blocking access, but I don't want them seen if the user doesn't have access. I have not been able to fix this. Any ideas here?<br>
<div><br><br></div><div>Thanks!<br></div></div>