cifs access -delete share [ -g ] user
cifs access share -m
cifs access -delete share -m
The share argument specifies the share whose ACL or Windows machine account access is to be modified. If share contains the wildcard characters * or ? , then the access all the shares matching the specified pattern are modified. The user argument specifies the user or group of the ACL entry. user can be an NT user or group, if the node is using NT domain authentication, or it can be a Unix user or group, or it can be the special allencompassing group everyone. The rights argument can be specified in either NT or Unix style. NT-style rights are:
No Access
Read
Change
Full Control
Unix-style rights are a combination of r for read, w for write, and x for execute.
If a share-level ACL entry for user already exists on the specified share, cifs access updates that ACL entry.
To display the current share-level ACL of a share, use Windows Server Manager or the cifs shares command.
If Kerberos is used, Windows machine accounts can authenticate with the node. Windows machine accounts are specified with the -m option and access can only be allowed or denied. cifs access may also be used to add Windows machine account access to home directories by specifying cifs.homedir as the share.
To determine if Windows machine accounts can access share, use the cifs shares command.
toaster> cifs access releases ENGINEERING\mary Read
The following example grants Unix read and execute access to the user john on the share accounting.
toaster> cifs access accounting john rx
The following example grants full access to the Unix group wheel on the share sysadmins.
toaster> cifs access sysadmins -g wheel Full Control
The following example deletes the ACL entry for ENGINEERING\mary on the share releases.
toaster> cifs access -delete releases ENGINEERING\mary
The following example permits Windows machine account access to home directories
toaster> cifs access cifs.homedir -m