Hey all,
We’ve been working in a development environment with deadline and one of the questions that has come out of it has to do with repository security. Basically every user that has access to deadline needs to be able to read and write the repository. I understand you can limit access in the UI and prevent users from changing another users jobs, but what is to prevent a user from logging in or mapping the repository drive and then accessing the repo files directly? We have some jobs that we don’t want users of certain groups to be able to access. Haven’t seen anything in the docs about this and was curious what everyone was doing or if there was something I missed in the docs. This sort of snowballs into my second question which I will post separately (limiting the UI).
Thanks in advance!
That’s a tricky problem to be honest. Since Deadline was designed to have full read/write permissions, Deadline Monitor might die if permissions are put in place so that some users can’t read parts of the repository. We do support putting assets into a different share… So it might be possible to hide the scenes from certain people.
Example setup:
\file_server_1\assetshare:
all users: file creation. users can only access the folders they created.
render user: full read/write access to all folders.
This way the farm is still able to render, but users can’t view or steal assets from the asset server. They can still mess around with the repository however.
I’m not a Windows/NFS ACL guru, so you’ll have to muck around and see what works.
hmmm…ok we will have to experiment a bit then.