Problem/Justification
I am attempting to assign privileges to the Owner Rights group/user which has an SID of S-1-3-4 according to microsoft. This is a useful SID for controlling what the owner of a file on an SMB share can do when you don’t want the owner to have the default permissions of everything. It seems this feature is not implemented within the UI of truenas scale as I have manually added this permission to a share using the windows security UI on the shared folder and when going to the Edit ACL within truenas scale it is a little broken, plus there is no way that I have found to create an ACE for Owner Rights using the UI.
Impact
This will allow users who wish to limit what the owner of a file/folder can do to said file/folder on an SMB share and will allow for more flexibility in how they handle their security on ACLs on their shares.
User Story
Users can create an ACE for the Owner Rights group/user so that the owner of a file/folder will not have the default permissions of everything and this will bring about more flexibility in what an SMB share’s permissions can accomplish using the truenas scale UI.