Skip to main content

Using local users and groups for authentication and authorization

You can create local users and groups on the storage virtual machine (SVM). The CIFS server can use local users for CIFS authentication and can use both local users and groups for authorization when determining both share and file and directory access rights.

Local group members can be local users, domain users and groups, and domain machine accounts.

Local users and groups can also be assigned privileges. Privileges control access to SVM resources and can override the permissions that are set on objects. A user or member of a group that is assigned a privilege is granted the specific rights that the privilege allows.

Note
Privileges do not provide ONTAP general administrative capabilities.