Windows ACL - multiple account permission -Example
21 views
Skip to first unread message
Helen Paterson
Sep 8, 2014, 12:12:22 PM9/8/14
to puppet...@googlegroups.com
Hi,
I am trying to give multiple users modify access to a file. I can give one user access fine:
acl { 'D:/Repositories':
permissions => [
{ identity => 'Administrators', rights => ['full'] },
{ identity => 'Users', rights => ['read','execute'] },
{ identity => 'Ecommerce Admins', rights => ['modify'] },
],
}
However adding multiple users , causes puppet to change the file permissions over and over again.
acl { 'D:/Repositories':
permissions => [
{ identity => 'Administrators', rights => ['full'] },
{ identity => 'Users', rights => ['read','execute'] },
{ identity => 'Ecommerce Admins', rights => ['modify'] },
identity => 'Ecommerce Operators', rights => ['modify'] },
identity => 'admweb-sa-test', rights => ['modify'] },
identity => 'tc-service-account', rights => ['modify'] },
],
}
I have tried an array but it expects a string and i have tried
acl { 'D:/Repositories':
permissions => [
{ identity => 'Administrators', rights => ['full'] },
{ identity => 'Users', rights => ['read','execute'] },
{ identity => 'Ecommerce Admins',
identity => 'Ecommerce Operators',
identity => 'admweb-sa-test',
identity => 'tc-service-account',
rights => ['modify'] },
],
}
Rob Reynolds
Sep 8, 2014, 4:24:58 PM9/8/14
to puppet...@googlegroups.com
On Mon, Sep 8, 2014 at 11:12 AM, Helen Paterson <helen.p...@gmail.com> wrote:
Hi,I am trying to give multiple users modify access to a file. I can give one user access fine:acl { 'D:/Repositories':permissions => [{ identity => 'Administrators', rights => ['full'] },{ identity => 'Users', rights => ['read','execute'] },{ identity => 'Ecommerce Admins', rights => ['modify'] },],}However adding multiple users , causes puppet to change the file permissions over and over again.acl { 'D:/Repositories':permissions => [{ identity => 'Administrators', rights => ['full'] },{ identity => 'Users', rights => ['read','execute'] },{ identity => 'Ecommerce Admins', rights => ['modify'] },identity => 'Ecommerce Operators', rights => ['modify'] },identity => 'admweb-sa-test', rights => ['modify'] },identity => 'tc-service-account', rights => ['modify'] },],}
I'm going to guess you meant to set this as:
acl { 'D:/Repositories':
permissions => [
{ identity => 'Administrators', rights => ['full'] },
{ identity => 'Users', rights => ['read','execute'] },
{ identity => 'Ecommerce Admins', rights => ['modify'] },
{ identity => 'Ecommerce Operators', rights => ['modify'] },
{ identity => 'admweb-sa-test', rights => ['modify'] },
{ identity => 'tc-service-account', rights => ['modify'] },
],
}
and proceed as if it was specified that way. Specified this way it should work just fine. However you are running into something weird. To understand what may be going on though, we'll need the output of your run:
'puppet apply --debug --verbose --trace "path\to\thismanifest.pp"'
What version of the module you have installed and what version of puppet you are trying to execute from.
I have tried an array but it expects a string and i have triedacl { 'D:/Repositories':permissions => [{ identity => 'Administrators', rights => ['full'] },{ identity => 'Users', rights => ['read','execute'] },{ identity => 'Ecommerce Admins',identity => 'Ecommerce Operators',identity => 'admweb-sa-test',identity => 'tc-service-account',rights => ['modify'] },],}
This is not likely to ever work. The acl module simply isn't designed in a way for you to pass in multiple identities with one set of rights. You should pass each identity with its own set of rights, even if they are the same.
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3a989c7e-48b2-41a9-b2fe-6f48d6785655%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages