Map the administrators group to root
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- SAN storage management
- Security and data encryption
-
Data protection and disaster recovery
- Data protection with the CLI
Collection of separate PDF docs
Creating your file...
If you have only CIFS clients in your environment and your storage virtual machine (SVM) was set up as a multiprotocol storage system, you must have at least one Windows account that has root privilege for accessing files on the SVM; otherwise, you cannot manage the SVM because you do not have sufficient user rights.
If your storage system was set up as NTFS-only, however, the /etc
directory has a file-level ACL that enables the administrators group to access the ONTAP configuration files.
-
Set the privilege level to advanced:
set -privilege advanced
-
Configure the CIFS server option that maps the administrators group to root as appropriate:
If you want to… Then… Map the administrator group members to root
vserver cifs options modify -vserver vserver_name -is-admin-users-mapped-to-root-enabled true
All accounts in the administrators group are considered root, even if you do not have an/etc/usermap.cfg
entry mapping the accounts to root. If you create a file using an account that belongs to the administrators group, the file is owned by root when you view the file from a UNIX client.Disable mapping the administrators group members to root
vserver cifs options modify -vserver vserver_name -is-admin-users-mapped-to-root-enabled false
Accounts in the administrators group no longer map to root. You can only explicitly map a single user to root. -
Verify that the option is set to the desired value:
vserver cifs options show -vserver vserver_name
-
Return to the admin privilege level:
set -privilege admin