Release notes
Map the administrators group to root
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
If you have only CIFS clients in your environment and your storage virtual machine (SVM) was set up as a multiprotocol storage system, you must have at least one Windows account that has root privilege for accessing files on the SVM; otherwise, you cannot manage the SVM because you do not have sufficient user rights.
If your storage system was set up as NTFS-only, however, the /etc directory has a file-level ACL that enables the administrators group to access the ONTAP configuration files.
-
Set the privilege level to advanced:
set -privilege advanced -
Configure the CIFS server option that maps the administrators group to root as appropriate:
If you want to… Then… Map the administrator group members to root
vserver cifs options modify -vserver vserver_name -is-admin-users-mapped-to-root-enabled trueAll accounts in the administrators group are considered root, even if you do not have an/etc/usermap.cfgentry mapping the accounts to root. If you create a file using an account that belongs to the administrators group, the file is owned by root when you view the file from a UNIX client.Disable mapping the administrators group members to root
vserver cifs options modify -vserver vserver_name -is-admin-users-mapped-to-root-enabled falseAccounts in the administrators group no longer map to root. You can only explicitly map a single user to root. -
Verify that the option is set to the desired value:
vserver cifs options show -vserver vserver_name -
Return to the admin privilege level:
set -privilege admin