vserver security file-directory ntfs sacl remove
Remove a SACL entry from NTFS security descriptor
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The vserver security file-directory ntfs sacl remove command removes a system access control list entry from a security descriptor.
You can unambiguously define which SACL entry to remove by specifying the following four parameters in the command:
Vserver associated with the security descriptor that contains the SACL entry
Name of the security descriptor that contains the SACL entry
Whether the SACL is a success or failure type of SACL entry
The account name or SID to which the SACL is applied
Parameters
- -vserver <vserver name> - Vserver
- Specifies the name of the Vserver associated with the security descriptor from which you want to remove the system access control list entry.
- -ntfs-sd <ntfs sd name> - NTFS Security Descriptor Name
- Specifies the name of the security descriptor that contains the system access control list entry that you want to remove.
- -access-type {failure|success} - Success or Failure
- Specifies whether the system access control list entry that you want to remove is a failure or success access audit type.
- -account <name or sid> - Account Name or SID
- Specifies the account name or SID associated with the system access control list entry that you want to remove.
Examples
The following example removes a SACL entry named “sd2” on Vserver vs1 with an access type of “success” associated with the "BUILTIN\Administrators" account.
cluster1::> vserver security file-directory ntfs sacl remove -ntfs-sd sd2 -access-type
success -account BUILTIN\Administrators -vserver vs1
Give documentation feedback