ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • vserver security file-directory ntfs modify

    Modify an NTFS security descriptor

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    The vserver security file-directory ntfs modify command modifies an NTFS security descriptor. You can change the -owner , -group and `-control-flags-raw ` of the security descriptor with this command.

    Parameters

    -vserver <vserver name> - Vserver

    Specifies the name of the Vserver associated with the security descriptor that you want to modify.

    -ntfs-sd <ntfs sd name> - NTFS Security Descriptor Name

    Specifies the name of the security descriptor that you want to modify.

    [-owner <name or sid>] - Owner

    Specifies the owner of the security descriptor. You can specify the owner using either the user name or SID.

    The owner of the security descriptor can modify the permissions on the file (or folder) or files (or folders) to which the security descriptor is applied and can give other users the right to take ownership of the object or objects to which the security descriptor is applied. You can use any of the following formats when specifying the value for this parameter:

    +
    * SID
    * Domain\user-name
    * user-name@Domain
    * user-name@FQDN

    If you specify any of the three user name formats for the value of -owner , keep in mind that the value for the user name is case insensitive. The value for the user name is ignored for Storage-Level Access Guard (SLAG).
    [-group <name or sid>] - Primary Group

    Specifies the owner group of the security descriptor. You can specify the owner group using either a group name or SID. You can use any of the following formats when specifying the value for this parameter:

    +
    * SID
    * Domain\user-name
    * user-name@Domain
    * user-name@FQDN

    If you specify any of the three user name formats for the value of -group , keep in mind that the value for the user name is case insensitive. The value for the user name is ignored for SLAG.
    [-control-flags-raw <Hex Integer>] - Raw Control Flags

    Specifies the control flags in the security descriptor to be modified.

    The value for the control flag is ignored for SLAG.

    Examples

    The following example modifies the owner of an NTFS security descriptor named "sd2" on Vserver vs1.

    cluster1::> vserver security file-directory ntfs modify -ntfs-sd sd2 -vserver vs1 -owner domain\administrator
    cluster1::> vserver security file-directory ntfs show -vserver vs1 -ntfs-sd sd2
    Vserver: vs1
                        Security Descriptor Name: sd2
                Owner of the Security Descriptor: DOMAIN\Administrator
    Top of Page