2019-02-15 12:53 PM
I'm trying to setup permissions for a CIFS share and we are on ONTAP 9.1p7. It seems every CIFS share I create defaults to a behavior of all files and folders created by any user to be owned by local user group "built-in\Administrators". I would like newly created files/folders to be owned by the creator.
Google is not being helpful.. The only thing found was a reference to a 2008R2 and below GPO, but that was depricated in 2012 and looks like ONTAP doesn't support it anyway.
Solved! See The Solution
1 REPLY 1
2019-02-20 04:30 AM
This is expected behaviour. Whenever you create file/folder using the user who is a member of Domain Admins group the owner for the file/folder will be domain Admins. Now, as domain admins is a part of builtin\administrator on storage, hence, we are mapping it to builtin\administrators.
Can be verified using below command:
::>cifs users-and-groups local-group show-members -vserver <vserver-name> -group-name BUILTIN\Administrators
If you would like to create a file/folder with owner as creator, then make sure that user is NOT a member of Domain Admin groups.
FYI: Member of Domain Admin groups can take/change ownership of any file/folder.
This is Microsoft client behaviour.
you can check refer below links: