2015-12-02 05:55 AM
There's a write up here https://kb.netapp.com/support/index?page=content&id=1010287, specifically Procedure 5, but I'm not sure how to apply this change on CDOT 8.3.1P1
2015-12-02 04:58 PM
You can refer the link https://library.netapp.com/ecm/ecm_download_file/ECMP1366834
2015-12-03 05:41 AM - edited 2015-12-03 06:13 AM
That is good document, but i dont see where it describes restricting the capability to domain admins only. Until I get this sorted i'm going to have to disable -snapdir-access.
EDIT: I tried a few more things and I am not able to restrict this functionality. if anyone has further information on this please let me know.
2016-09-07 06:07 AM
we have the same problem. There are for this CDOT KB Doc ID 8010364 and for 7Mode this KB Doc ID 1010287. In 7Mode that works with the workaround, when CDOT it does not go, there is the option Volume -snapdir-access, but if true then are previous version, the SnapShots visible to all users. Probably just the solution via GPO is hide the previous version tab.
A question for the round, someone has an idea ...?
2016-09-07 06:18 AM
we never went with the GPO route because fixing the Client side isn't a real solution. Right now I modify the variable as needed
vol modify -volume usershares -snapdir-access true
2016-09-07 06:37 AM - edited 2016-09-07 06:38 AM
our problem is, that we have to point 5 attempts from the document KB Doc ID 8010364. once -snapdir-access true, the user will have full access according to their ADS privileges on the tab Previous Version. We currently have a GPO that the normal user hides the recovery in use, only admins.