Hi Thomas,
On Wed, Mar 20, 2013 at 3:31 AM, Thomas Bendler <thomas.bend...@gmail.com>wrote: > Hi Josh, > > 2013/3/20 Josh Cooper <j...@puppetlabs.com> > >> S-1-5-18 > > > thanks for the clarification, I wasn't aware that the SIDs are always the > same as stated in http://support.microsoft.com/kb/243330. > Many accounts have fixed SIDs, though some have a unique per-domain component: SID: S-1-5-21-domain-500 Name: Administrator where the domain part is unique. For example, you can display your SID as: C:\>whoami /user What's about everyone or user, will everyone or user get read-only access > when I change the mode to 0775? > Puppet maps the 'other' POSIX class to the Everyone SID ('S-1-1-0'). In most recent versions of Windows, this is all accounts except anonymous logon: http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2general/thread/3816efc7-255f-4f01-a71d-f27be627e439/ > Multiple groups can't be specified inside the file type, can they? The > reference documentation ( > http://docs.puppetlabs.com/references/3.1.latest/type.html#file) isn't > really clear about this topics ... at least from my point of view ;). > Puppet's file type only supports a single group account, but on Windows that group can contain multiple nested groups and work as expected. There is a ticket filed to support native NTFS ACLs, which would give you fine-grain permissions, such as the ability to list multiple groups, deny/allow, etc. See https://projects.puppetlabs.com/issues/13249 Josh -- Josh Cooper Developer, Puppet Labs -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
