Return
-
Title
ReACL fails on Isilon NAS devices -
Description
Attempting to perform a ReACL on an Isilon NAS receive an error “Unable to update item security for item” even though the service account appears to have the correct permissions granted to the share. -
Cause
Isilon does not support the standard local security policies that you would have on a typical Windows/CIFS Server. Isilon permissions are implemented using extended ACLs which mimic NTFS permissions and therefore require additional configuration to provide share access.
-
Resolution
Perform one of the following two configurations on the Isilon share to provide access to the service account being used to perform the ReACL:
- Apply the “Run-as-Root” share level permissions
- Apply the following RBAC privileges
- ISI_PRIV_IFS_RESTORE
- ISI_PRIV_IFS_BACKUP
- ISI_PRIV_NS_TRAVERSE