vserver security file-directory ntfs dacl remove
Remove a DACL entry from NTFS security descriptor.
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The vserver security file-directory ntfs dacl remove command removes a discretionary access control entry from a security descriptor.
You can unambiguously define which DACL entry to remove by specifying the following four parameters in the command:
Vserver associated with the security descriptor that contains the DACL entry
Name of the security descriptor that contains the DACL entry
Whether the DACL is an allow or deny type of DACL entry
The account name or SID to which the DACL is applied
Parameters
- -vserver <vserver name> - Vserver
- Specifies the name of the Vserver associated with the security descriptor from which you want to remove a discretionary access control entry.
- -ntfs-sd <ntfs sd name> - NTFS Security Descriptor Name
- Specifies the name of the security descriptor that contains the discretionary access control entry that you want to remove.
- -access-type {deny|allow} - Allow or Deny
- Specifies whether the discretionary access control entry you want to remove is an allow or deny of access control.
- -account <name or sid> - Account Name or SID
- Specifies the account name or SID associated with the discretionary access control entry that you want to remove.
Examples
The following example removes a DACL entry from the security descriptor named “sd2” with “allow” access type for the "BUILTIN\Administrators" account on Vserver vs1.
cluster1::> vserver security file-directory ntfs dacl remove -ntfs-sd sd2 -access-type
allow -account BUILTIN\Administrators -vserver vs1
Give documentation feedback