Greetings,
We replaced a filer named home2 with a new head. We physically moved disks from the old head to the new head. One of the volumes that we moved uses ntfs security style. I used to be able to map the volume/share as user home2\administrator and had "full contol" on everything.
Now, however, the home2\administrator user on the new head has a new SID while the ACLs in the volume display the old SID. So now Administrator has limited access rights (can't drill down into folders, can't change ACLs, etc.) Doesn't the local Administrator user trump the ACLs ?
Anyone have any suggestions? I'm a Unix guy with limited Windows knowledge.
By the way, the filer is a member of a Windows AD domain, but I'm not a domain admin, so I don't have a privileged AD account. That's why I use the local Administrator account. Do I need to get a domain admin to help me?
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
The SID of the local administrator user is generated using the SID of the machine plus a known suffix (500 IIRC).
Any ACLs that explicitly mention that SID will therefore not be accessible by your new administrator account.
A local administrator does have a trump card, which is the ability to change ownership of any files/folders. Once you've changed ownership (to yourself) then you can modify the ACL's on those files/folders.
However, there's no magic switch to allow to allow your administrator user to have full control AFAIK.
Darren
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Steve Losen Sent: 11 January 2011 12:08 To: toasters@mathworks.com Subject: Moved volume to new filer, administrator ACLs now invalid?
Greetings,
We replaced a filer named home2 with a new head. We physically moved disks from the old head to the new head. One of the volumes that we moved uses ntfs security style. I used to be able to map the volume/share as user home2\administrator and had "full contol" on everything.
Now, however, the home2\administrator user on the new head has a new SID while the ACLs in the volume display the old SID. So now Administrator has limited access rights (can't drill down into folders, can't change ACLs, etc.) Doesn't the local Administrator user trump the ACLs ?
Anyone have any suggestions? I'm a Unix guy with limited Windows knowledge.
By the way, the filer is a member of a Windows AD domain, but I'm not a domain admin, so I don't have a privileged AD account. That's why I use the local Administrator account. Do I need to get a domain admin to help me?
Steve Losen scl@virginia.edu phone: 434-924-0640
University of Virginia ITC Unix Support
To report this email as spam click https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== .
Member of the CSR plc group of companies. CSR plc registered in England and Wales, registered number 4187346, registered office Churchill House, Cambridge Business Park, Cowley Road, Cambridge, CB4 0WZ, United Kingdom
-
Darren Sykes -
Steve Losen