I have a new project and wanted to ping the community first before I got started. Looking for ideas on how best I can approach this problem.
I have a client that has a Quantum StorNext storage solution in the entertainment industry. This client has PCs and Macs that have an agent on their computers that allows them to talk to this device. This storage device has nearly 2TB of data on it with hundreds of thousands of folders and millions of files. Whenever a Mac creates or moves a file from one folder to another it removes the permissions on the file. They have a very simple requirement; have one account as the owner on ALL folders and files and the exact same permissions on everything.
Ultimately, they just need around 20 “root” folders to have a certain permission and owner and then set everything under that to inherit those permissions. The Macs are breaking that and explicitly setting their own. They’ve talked with the vendor and it’s not possible to fix this so a workaround has to be put in place. As an interim fix, they’ve got a script that runs every night that trawls through all of those folders files and ensures they’re all set to inherit from the parent folder. It takes WAY too long. They’ve brought me in to do a better job of that.
The goal is to ensure every file and folder in these set of “root” folders is set to inherit permissions from the parent in the shortest time possible.
Here are my thoughts as of now:
Setup a bunch of permanent WMI event consumers to monitor folders for new files and then trigger an ACL change. First of all, I don’t know if this is possible because the files are located on the SAN and not on a NTFS volume.
Create a script that either runs background runspaces, jobs or some other parallel means that crawls through the files and checks. This would be similar to the script they’re running now but it would be much faster since I’ll be introducing asychronisity (is that a word?) to it.
I’m out of ideas…
Anyone have any thoughts of how to approach this problem?