Setting the desired NT ACL permissions display level for NFS clients

Download PDF of this page

After upgrading from ONTAP 8.3.0, the default handling for displaying NT ACL permissions to NFS clients has changed. You should check the setting and change it to the desired setting for your environment if necessary. This task does not apply if you are upgrading from ONTAP 8.3.1 or later.

In multiprotocol environments, ONTAP displays to NFS clients the permissions of NTFS security-style files and directories based on the access granted by the NT ACL to any user. In ONTAP 8.3.0, ONTAP by default displayed to NFS clients the permission based on the maximum access granted by the NT ACL. After upgrading, the default setting changes to display permissions based on the minimum access granted by the NT ACL. This change applies to new and existing storage virtual machines (SVMs).

  1. Set the privilege level to advanced: set -privilege advanced

  2. Check the setting for displaying NT ACL permissions for NFS clients: vserver nfs show -vserver vserver_name -fields ntacl-display-permissive-perms

    After upgrading from 8.3.0, the value for this new parameter is disabled, meaning ONTAP displays the minimum permissions.

  3. If you prefer to display the maximum permissions, change the setting individually for each SVM as desired: vserver nfs modify -vserver vserver_name -ntacl-display-permissive-perms enabled

  4. Verify that the change took effect: vserver nfs show -vserver vserver_name -fields ntacl-display-permissive-perms

  5. Return to the admin privilege level: set -privilege admin