List of supported privileges

Data ONTAP has a predefined set of supported privileges. Certain predefined local groups have some of these privileges added to them by default. You can also add or remove privileges from the predefined groups or create new local users or groups and add privileges to the groups that you created or to existing domain users and groups.

The following table lists the supported privileges on the Storage Virtual Machine (SVM) and provides a list of BUILTIN groups with assigned privileges:
Privilege name Default security setting Description
SeTcbPrivilege None Act as part of the operating system
SeBackupPrivilege BUILTIN\Administrators, BUILTIN\Backup Operators Back up files and directories, overriding any ACLs
SeRestorePrivilege BUILTIN\Administrators, BUILTIN\Backup Operators Restore files and directories, overriding any ACLs
SeTakeOwnershipPrivilege BUILTIN\Administrators Take ownership of files or other objects
SeSecurityPrivilege BUILTIN\Administrators Manage auditing

This includes viewing, dumping, and clearing the security log.

SeChangeNotifyPrivilege BUILTIN\Administrators, BUILTIN\Backup Operators, BUILTIN\Power Users, BUILTIN\Users, Everyone Bypass traverse checking

Users with this privilege are not required to have traverse (x) permissions to traverse folders, symlinks, or junctions.