[prev in list] [next in list] [prev in thread] [next in thread] 

List:       toasters
Subject:    RE: restrict access to volumes to particular protocols
From:       "Fox, Adam" <Adam.Fox () netapp ! com>
Date:       2009-09-11 17:40:31
Message-ID: 8B6F3943BF10CF4283889A3869476C1606556306 () RTPMVEXC1-PRD ! hq ! netapp ! com
[Download RAW message or body]

MultiStore is the correct solution.  Although just as a side commentary,
if you really can't trust your admins, you've got security problems far
beyond what software can help solve.

-- Adam Fox
Systems Engineer
adamfox@netapp.com

-----Original Message-----
From: Peter D. Gray [mailto:pdg@uow.edu.au] 
Sent: Wednesday, September 09, 2009 2:13 AM
To: toasters@mathworks.com
Subject: Re: restrict access to volumes to particular protocols

On Wed, Sep 09, 2009 at 07:34:24AM +0200, Borzenkov, Andrey wrote:
> If you do not trust domain administrators, remove them from local
administrators group on filer and/or implement finer grained role
restrictions.
>

But this does not soleve the problem methinks. I want them to be able
to set up shares in the volumes they need to. I just do
not want them to be able to set up
shares to oracle databases on the same filer.

One solution would be virtual filers (forget the name
of that feature for the monent). Then I could have the
oracle volumes on seperate virtual filers
to the shares. But thats a lot of bother.


Regards,
pdg

--

See mail headers for contact information.


[prev in list] [next in list] [prev in thread] [next in thread]