Can members of a group inherit that group's inherited rights?

  • 3697433
  • 22-Jan-2008
  • 27-Apr-2012


Novell eDirectory
Novell NetWare
Novell Open Enterprise Server (Linux based)
Novell Open Enterprise Server (NetWare based)


Example scenario:

O=SandPit has explicit WEFRCMA rights to directory TEMP on a volume in O=Novell

CN=MyGroup.O=SandPit is a group and has no explicit rights but has Effective Rights of WEFRCMA inherited from O=SandPit

CN=MyUser.O=PlayPen is a user in Group CN=MyGroup.O=SandPit and has no rights, no explicit rights and no inherited rights

In this situation, MyGroup's members (i.e. MyUser) do not inherit the rights that the group inherited from its parent container (i.e. SandPit). Is this correct?


This is working as designed.

An object will not gain rights inherited by an object it is Security Equivalent to.

Security equivalence is effective only for one step; it is not transferred by a subsequent security equivalence. For example, if you make a third user security equivalent toJoein the example above, that user receives onlyJoe’s original security settings. The third user does not receive Admin rights or any other Security Equal To propertiesJoemight have. Section 8.1 eDirectory Objects and Security Equivalence, OES2: File Systems Management Guide.