ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • vserver security file-directory ntfs dacl remove

    Remove a DACL entry from NTFS security descriptor.

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    The vserver security file-directory ntfs dacl remove command removes a discretionary access control entry from a security descriptor.

    You can unambiguously define which DACL entry to remove by specifying the following four parameters in the command:

    • Vserver associated with the security descriptor that contains the DACL entry

    • Name of the security descriptor that contains the DACL entry

    • Whether the DACL is an allow or deny type of DACL entry

    • The account name or SID to which the DACL is applied

    Parameters

    -vserver <vserver name> - Vserver

    Specifies the name of the Vserver associated with the security descriptor from which you want to remove a discretionary access control entry.

    -ntfs-sd <ntfs sd name> - NTFS Security Descriptor Name

    Specifies the name of the security descriptor that contains the discretionary access control entry that you want to remove.

    -access-type {deny|allow} - Allow or Deny

    Specifies whether the discretionary access control entry you want to remove is an allow or deny of access control.

    -account <name or sid> - Account Name or SID

    Specifies the account name or SID associated with the discretionary access control entry that you want to remove.

    Examples

    The following example removes a DACL entry from the security descriptor named “sd2” with “allow” access type for the "BUILTIN\Administrators" account on Vserver vs1.

    cluster1::> vserver security file-directory ntfs dacl remove -ntfs-sd sd2 -access-type allow -account BUILTIN\Administrators -vserver vs1
    Top of Page