Hey all,

I've been trying to figure out a solution for this, and although I thought I figured it out, it ends up I can't seem to figure it out. Hear me out.

We run an automated ZCM imaging system, and part of that is the ability to have any user authenticate on successful image using the Novell client. Once this is done, the first login should start installing a series of bundles/applications.

As MS Office 2010 is a rather large install, I keep the files/folders stored on a NSS volume, aptly named:

//oesserver/media/nss/APPS/MICROSOFT/MS Office 2010 SP2 - Admin Install

I would like ALL users to have access to this directory but since we run on a weird container layout, and our licensing permits for a rather large number of installs, I wanted to give the [Public] user read+filescan rights to each server's /media/nss/APPS/MICROSOFT/MS Office 2010 SP2/ directory, so regardless of where you are mapping with any user, that user would then have access to said folder.

If I use either the iManager plugin or directly using the Novell client method of applying [Public] as a trustee, it works, and the client can see the folder.

I have over 30 servers that each have the identical path, so in my sleuthing I found the OES command to perform: rights

So I performed the following command:

rights -f "/media/nss/APPS/MICROSOFT/MS Office 2010 SP2 - Admin Install" -r rf trustee [Public]

If I then show the results, there are successful:

rights show

The problem, however, is that within Windows, from any login, when I right-click the folder and check the trustees, I do not see that user in the list, and in return, that user has no access to the directory.

If I then run my command to remove the rights from the OES server:

rights -f /media/nss/APPS/MICROSOFT/MS\ Office\ 2010\ SP2\ -\ Admin\ Install/ -r none delete [Public]

And then run a "rights show" again, the Public user is removed correctly.

What I can't seem to figure out is why the command will allow me to set trustee rights to [Public], that "rights show" will validate that the rights are currently assigned, but from a Windows perspective I have no access to that directory.

I have done a "rights show" on the drive when assigning the rights from the Novell client and/or iManager, and there is NO difference in how "rights show" see the [Public] user listed.

Has anyone else ever seen this?

If I specify a user in my tree, it works correctly on both ends.

rights -f "/media/nss/APPS/MICROSOFT/MS Office 2010 SP2 - Admin Install" -r rf trustee username.ou.o.tree_name

rights show will then show me the appropriate trustee, and the user can see the path in Windows.

This restriction seems limited to the [Public] user, but I have no idea how to do this properly.

I'd like to avoid doing it by hand, because I want the ability to script all my changes and remotely and efficiently.

Any advice?