This is explained in the security troubleshooter.
"I'm root but I can't do everything I want to on the filer" http://now.netapp.com/NOW/knowledge/docs/olio/guides/53_troubleshooting/faq....
By default, NT security does not allow administrators to access data unless it is granted in the ACL. However, NT administrators can take ownership and grant themselves access.
Not all shops want this behavior. In particular, if you have a Unix-centric administration model you can have "root" override NT-style security by turning on the "cifs.nfs_root_ignore_acl" option. That option is available in 5.3.7 and later versions of ONTAP.
Mark
-----Original Message----- From: White, Lance [mailto:Lance.White@netapp.com] Sent: Thursday, May 24, 2001 2:16 PM To: 'Chuck Ross'; Net App List (E-mail) Subject: RE: Why is root not root?
Because Data OnTap is NOT Unix. 'root' is a privileged account, 'Administrator' is a privileged account, some people map root == Administrator if they're really concerned. I would believe that allowing this degree of flexibility is a "feature".
-----Original Message----- From: Chuck Ross [mailto:chuck.ross@signiant.com] Sent: Thursday, May 24, 2001 2:06 PM To: Net App List (E-mail) Subject: Why is root not root?
Hi all,
Why is root on a Unix admin host for a filer in a mixed env not really root? By that I mean why is it possible to create directories on the NetApp via a Cifs share that root has no access to?
Chuck Ross
SIGNIANT - A Nortel Networks Venture 1550 Carling Avenue, Suite 101 Ottawa, ON K1Z 8S8
email: Chuck.Ross@signiant.com tel: (613) 761-3605 fax: (613) 761-3629
How about letting root delete files that are currently locked open on the NT-side like they can with NFS-locked files?
Bruce
-
Bruce Sterling Woodcock -
Muhlestein, Mark