HandsomePaul
Cadet
- Joined
- Sep 21, 2018
- Messages
- 2
Hi guys, New to FreeNAS but figuring things out pretty well, my only issue is with the file permissions, specifically on the datasets.
So I have this setup for a testing environment built as a mock small business office with multiple users and departments, everyone in sales would have access to just the sales folder, finance only finance folder, management would have access to every folder except root IT stuff.
I feel I understand the role of groups as they can technically be linked 1 to 1 with the departments themselves and the users within those groups being Identities of the users who login with them.
My question is if I set the group to its corresponding department then what is best practice when it comes to setting the "Owner" of the datasets... Should I leave that as root or set it to the I.T Admin who setup the dataset... If I set the owner to one person in say 'John' in the 'Sales Group' does 'Mary' in the 'Sales Group' still have access? Will the SysAdmins or 'Management' still be able to access?
Maybe my design is off and I need to retool the whole thing but figured this would be a good place to get ideas.
Thanks for any thoughts
So I have this setup for a testing environment built as a mock small business office with multiple users and departments, everyone in sales would have access to just the sales folder, finance only finance folder, management would have access to every folder except root IT stuff.
I feel I understand the role of groups as they can technically be linked 1 to 1 with the departments themselves and the users within those groups being Identities of the users who login with them.
My question is if I set the group to its corresponding department then what is best practice when it comes to setting the "Owner" of the datasets... Should I leave that as root or set it to the I.T Admin who setup the dataset... If I set the owner to one person in say 'John' in the 'Sales Group' does 'Mary' in the 'Sales Group' still have access? Will the SysAdmins or 'Management' still be able to access?
Maybe my design is off and I need to retool the whole thing but figured this would be a good place to get ideas.
Thanks for any thoughts