ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • vserver security file-directory ntfs sacl remove

    Remove a SACL entry from NTFS security descriptor

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    The vserver security file-directory ntfs sacl remove command removes a system access control list entry from a security descriptor.

    You can unambiguously define which SACL entry to remove by specifying the following four parameters in the command:

    • Vserver associated with the security descriptor that contains the SACL entry

    • Name of the security descriptor that contains the SACL entry

    • Whether the SACL is a success or failure type of SACL entry

    • The account name or SID to which the SACL is applied

    Parameters

    -vserver <vserver name> - Vserver

    Specifies the name of the Vserver associated with the security descriptor from which you want to remove the system access control list entry.

    -ntfs-sd <ntfs sd name> - NTFS Security Descriptor Name

    Specifies the name of the security descriptor that contains the system access control list entry that you want to remove.

    -access-type {failure|success} - Success or Failure

    Specifies whether the system access control list entry that you want to remove is a failure or success access audit type.

    -account <name or sid> - Account Name or SID

    Specifies the account name or SID associated with the system access control list entry that you want to remove.

    Examples

    The following example removes a SACL entry named “sd2” on Vserver vs1 with an access type of “success” associated with the "BUILTIN\Administrators" account.

    cluster1::> vserver security file-directory ntfs sacl remove -ntfs-sd sd2 -access-type success -account BUILTIN\Administrators -vserver vs1
    Top of Page