List of supported privileges
ONTAP has a predefined set of supported privileges. Certain predefined local groups have some of these privileges added to them by default. You can also add or remove privileges from the predefined groups or create new local users or groups and add privileges to the groups that you created or to existing domain users and groups.
The following table lists the supported privileges on the storage virtual machine (SVM) and provides a list of BUILTIN groups with assigned privileges:
| Privilege name | Default security setting | Description |
|---|---|---|
| SeTcbPrivilege | None | Act as part of the operating system |
| SeBackupPrivilege | BUILTIN\Administrators , BUILTIN\Backup Operators | Back up files and directories, overriding any ACLs |
| SeRestorePrivilege | BUILTIN\Administrators , BUILTIN\Backup Operators | Restore files and directories, overriding any ACLs Set any valid user or group SID as the file owner |
| SeTakeOwnershipPrivilege | BUILTIN\Administrators | Take ownership of files or other objects |
| SeSecurityPrivilege | BUILTIN\Administrators | Manage auditing This includes viewing, dumping, and clearing the security log. |
| SeChangeNotifyPrivilege | BUILTIN\Administrators , BUILTIN\Backup Operators , BUILTIN\Power Users , BUILTIN\Users , Everyone | Bypass traverse checking Users with this privilege are not required to have traverse (x) permissions to traverse folders, symlinks, or junctions. |
Give documentation feedback