Filter
Top Products
Chapter 1 User Management Overview 29
ACLs and POSIX Permissions
Every file and folder has POSIX permissions. Unless an administrator assigns ACL
permissions, POSIX permissions continue to define user access. If you assign ACL
permissions, they take precedence over standard POSIX permissions.
If a file has ACL permissions, but none apply to the user, the POSIX permissions
determine user access. If a file has multiple ACEs that apply to a user, the first
applicable ACE takes precedence, and subsequent ACEs are ignored.
For more information about ACL and POSIX permissions, see File Services Administration.
SIDs and Windows Interoperability
Mac OS X computers work seamlessly with Windows computers because Mac OS X
assigns a security identifier (SID) to a process or file when it assigns a GUID to the
process or file. A SID is a Windows identifier that has similar functionality to a GUID on
a Mac OS X computer.
When Windows users access share points using Server Message Block (SMB), they
transfer SIDs, not GUIDs. When Mac OS X Server receives SIDs, it retrieves the user
accounts with the corresponding GUIDs.
Windows servers use Active Directory as their directory domain. If a user account is
moved to a different Active Directory domain, it receives a new SID but not a new
GUID. The user still has access permissions assigned to old SIDs because Active
Directory keeps track of SID history in user accounts.