Base directory guidelines

A base directory defines the file system tree exposed by an access zone. The access zone cannot grant access to any files outside of the base directory. You must assign a base directory to each access zone.

Base directories restrict path options for several features such as SMB shares, NFS exports, the HDFS root directory, and the local provider home directory template. The base directory of the default System access zone is /ifs and cannot be modified.

To achieve data isolation within an access zone, we recommend creating a unique base directory path that is not identical to or does not overlap another base directory, with the exception of the System access zone. For example, do not specify /ifs/data/hr as the base directory for both the zone2 and zone3 access zones, or if /ifs/data/hr is assigned to zone2, do not assign /ifs/data/hr/personnel to zone3.

OneFS supports overlapping data between access zones for cases where your workflows require shared data; however, this adds complexity to the access zone configuration that might lead to future issues with client access. For the best results from overlapping data between access zones, we recommend that the access zones also share the same authentication providers. Shared providers ensures that users will have consistent identity information when accessing the same data through different access zones.

If you cannot configure the same authentication providers for access zones with shared data, we recommend the following best practices: