Map the administrators group to root
If you have only CIFS clients in your environment and your storage virtual machine (SVM) was set up as a multiprotocol storage system, you must have at least one Windows account that has root privilege for accessing files on the SVM; otherwise, you cannot manage the SVM because you do not have sufficient user rights.
If your storage system was set up as NTFS-only, however, the
/etc directory has a file-level ACL that enables the administrators group to access the ONTAP configuration files.
Set the privilege level to advanced:
set -privilege advanced
Configure the CIFS server option that maps the administrators group to root as appropriate:
If you want to… Then…
Map the administrator group members to root
vserver cifs options modify -vserver vserver_name -is-admin-users-mapped-to-root-enabled trueAll accounts in the administrators group are considered root, even if you do not have an
/etc/usermap.cfgentry mapping the accounts to root. If you create a file using an account that belongs to the administrators group, the file is owned by root when you view the file from a UNIX client.
Disable mapping the administrators group members to root
vserver cifs options modify -vserver vserver_name -is-admin-users-mapped-to-root-enabled falseAccounts in the administrators group no longer map to root. You can only explicitly map a single user to root.
Verify that the option is set to the desired value:
vserver cifs options show -vserver vserver_name
Return to the admin privilege level:
set -privilege admin