跳到主要内容

删除存储级访问防护

如果不想再设置存储级的访问安全,您可以删除卷或 Qtree 上的存储级访问防护。删除存储级访问防护不会修改或删除常规 NTFS 文件和目录的安全性。

  1. 确认卷或 Qtree 具有使用 vserver security file-directory show 命令配置的存储级访问防护。

    示例

    vserver security file-directory show -vserver vs1 -path /datavol2
       
    Vserver: vs1
    File Path: /datavol2
    File Inode Number: 99
    Security Style: ntfs
    Effective Style: ntfs
    DOS Attributes: 10
    DOS Attributes in Text: ----D---
    Expanded Dos Attributes: -
    UNIX User Id: 0
    Unix Group Id: 0
    Unix Mode Bits: 777
    Unix Mode Bits in Text: rwxrwxrwx
    ACLs: NTFS Security Descriptor
    Control:0xbf14
    Owner:BUILTIN\Administrators
    Group:BUILTIN\Administrators
    SACL - ACEs
    AUDIT-EXAMPLE\Domain Users-0xf01ff-OI|CI|FA
    DACL - ACEs
    ALLOW-EXAMPLE\Domain Admins-0x1f01ff-OI|CI
    ALLOW-EXAMPLE\Domain Users-0x1301bf-OI|CI

    Storage-Level Access Guard security
    DACL (Applies to Directories):
    ALLOW-BUILTIN\Administrators-0x1f01ff
    ALLOW-CREATOR OWNER-0x1f01ff
    ALLOW-EXAMPLE\Domain Admins-0x1f01ff
    ALLOW-EXAMPLE\Domain Users-0x120089
    ALLOW-NT AUTHORITY\SYSTEM-0x1f01ff
    DACL (Applies to Files):
    ALLOW-BUILTIN\Administrators-0x1f01ff
    ALLOW-CREATOR OWNER-0x1f01ff
    ALLOW-EXAMPLE\Domain Admins-0x1f01ff
    ALLOW-EXAMPLE\Domain Users-0x120089
    ALLOW-NT AUTHORITY\SYSTEM-0x1f01ff
  2. 使用 vserver security file-directory remove-slag 命令删除存储级访问防护。

    示例

    vserver security file-directory remove-slag -vserver vs1 -path /datavol2
  3. 使用 vserver security file-directory show 命令验证存储级访问防护已从卷或 Qtree 中删除。

    示例

    vserver security file-directory show -vserver vs1 -path /datavol2
                    Vserver: vs1
    File Path: /datavol2
    File Inode Number: 99
    Security Style: ntfs
    Effective Style: ntfs
    DOS Attributes: 10
    DOS Attributes in Text: ----D---
    Expanded Dos Attributes: -
    UNIX User Id: 0
    Unix Group Id: 0
    Unix Mode Bits: 777
    Unix Mode Bits in Text: rwxrwxrwx
    ACLs: NTFS Security Descriptor
    Control:0xbf14
    Owner:BUILTIN\Administrators
    Group:BUILTIN\Administrators
    SACL - ACEs
    AUDIT-EXAMPLE\Domain Users-0xf01ff-OI|CI|FA
    DACL - ACEs
    ALLOW-EXAMPLE\Domain Admins-0x1f01ff-OI|CI
    ALLOW-EXAMPLE\Domain Users-0x1301bf-OI|CI