Reset privileges for local or domain users and groups
Suggest changes
PDFs
You can reset privileges for local or domain users and groups. This can be useful when you have made modifications to privileges for a local or domain user or group and those modifications are no longer wanted or needed.
Resetting privileges for a local or domain user or group removes any privilege entries for that object.
-
Reset the privileges on a local or domain user or group:
vserver cifs users-and-groups privilege reset-privilege -vserver vserver_name -user-or-group-name name -
Verify that the privileges are reset on the object:
vserver cifs users-and-groups privilege show -vserver vserver_name ‑user-or-group-name name
The following example resets the privileges on the user “CIFS_SERVER\sue” on storage virtual machine (SVM, formerly known as Vserver) vs1. By default, normal users do not have privileges associated with their accounts:
cluster1::> vserver cifs users-and-groups privilege show
Vserver User or Group Name Privileges
--------- --------------------- ---------------
vs1 CIFS_SERVER\sue SeTcbPrivilege
SeTakeOwnershipPrivilege
cluster1::> vserver cifs users-and-groups privilege reset-privilege -vserver vs1 -user-or-group-name CIFS_SERVER\sue
cluster1::> vserver cifs users-and-groups privilege show
This table is currently empty.
The following example resets the privileges for the group “BUILTIN\Administrators”, effectively removing the privilege entry:
cluster1::> vserver cifs users-and-groups privilege show
Vserver User or Group Name Privileges
--------- ------------------------ -------------------
vs1 BUILTIN\Administrators SeRestorePrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
cluster1::> vserver cifs users-and-groups privilege reset-privilege -vserver vs1 -user-or-group-name BUILTIN\Administrators
cluster1::> vserver cifs users-and-groups privilege show
This table is currently empty.