8 Krypton

SMB share/permissions for /ifs

I've seen this mentioned is a couple of blogs and older posts but wanted to get any updated opinions people may have on the subject.  We're starting to set our Isilon up and was curious if there was any way better than others.  The main two things I've seen is removing the /ifs share altogether or changing /ifs to /ifs$ and restrict to only those needed to get to that directory. 

Is there really any particular/technical reason you would need to be able to smb map a share at the /ifs level?  That was my main concern if removing the root share killed any kind of functionality or not or if that share was just there by default in general.  If it's there by default for no particular reason then my inclination would be to remove it and say have a structure like, /ifs/clust1/smb/depts/... and have the first smb share created at that smb level as smb$, then /isf/clust1/nfs/... would be outside of any smb share levels.

Sorry for the rehash of an older topic, but being new to Isilon I always like to get an updated perspective on an old topic since some people may have changed their opinions over the years.  Also, coming from a Celerra, trying to wrap my mind around the Isilon's way of doing things.  Thanks for any tips/thoughts, appreciate it as usual.

Tags (4)
0 Kudos
3 Replies
8 Krypton

Re: SMB share/permissions for /ifs

Remember how on Celerra/VNX you connect to \\cifs_server\c$ , that allows you to see every single file system mounted on that VDM on physical DM.  I treat /ifs just like that,  i left it in place but i locked down share permissions to my team only. I can't think of any technical/practical reasons you must have it there.

0 Kudos
Highlighted
8 Krypton

Re: SMB share/permissions for /ifs

Thanks Dynamox, do you lock down permissions with Active Directory accounts or just local accounts?

0 Kudos
8 Krypton

Re: SMB share/permissions for /ifs

AD only, i try to stay away from local accounts as much as possible.

0 Kudos