Authentication and file access is controlled by the file system trustees and rights that you set from the merged view. Users do not have direct access to the secondary volume. You can set trustees, trustee rights, and file system attributes by using the NCP client or the Files and Folders plug-in to Novell iManager and accessing the primary volume. When you access the volume with NCP tools via the primary volume, NCP automatically shows the merged view.
To manage the rights of Active Directory trustees on DST volumes, you can use OES File Access Rights Management (NFARM) utility or rights utility. For more information, see OES File Access Rights Management (NFARM) in the OES 2023: NSS File System Administration Guide for Linux.
IMPORTANT:You set trustees, trustee rights, and file system attributes exactly as you would on any NSS volume. DST applies the settings appropriately. You do not need to be aware of where the data physically resides between the two volumes. For information about setting file system attributes, see Configuring File System Trustees, Trustee Rights, Inherited Rights Filters, and Attributes
in the OES 2023: NSS File System Administration Guide for Linux.
Trustees and rights are tied very closely to NCP and NSS, and are coordinated between them via an event system. Therefore, if you use the NCP client or Files and Folders plug-in from the merged view to add, modify, or remove trustees and trustee rights, those changes are automatically synchronized from NCP to NSS, and the event is also automatically synchronized from the primary volume to the secondary volume.
Explicit trustee settings for files and folders are stored in both volumes.
Inherited trustee rights are calculated and enforced based on the trustee settings for the folders on the primary volume. The primary folder tree contains instances of the folders on the secondary volume in order to support this function.
File system attributes are enforced by the NSS file system after they are set.