ONTAP Discussions

REST delete DACL ACEs - Everyone

ThatGuyJ
1,075 Views

I'm trying to delete the DACL ACEs for the "Everyone" user. Using REST delete /protocols/file-security/permissions/{svm.uuid}/{path}/acl/{user}. I'm putting in the path, Everyone as the user, and the svm uuid. The response I get is below.

{
"error": {
"message": "entry doesn't exist",
"code": "4",
"target": "user"
}
}

I can look up the DACL with vserver security file-directory show -vserver svm_name -path /vol_path and it clearly shows the Everyone DACL. Kind of at a loss as to why the REST call isn't finding it. What's really frustrating is that I got this to work at the end of the day earlier in the week, but I don't have notes on what I did. I may have cheated it with some CLI, but the REST should work. 

Any help would be much appreciated.

1 ACCEPTED SOLUTION

ThatGuyJ
1,070 Views

Ok, I'm just gonna keep answering my own questions within an hour of posting thing. I really hope someone reads this and has a good laugh. I feel real dumb, so I'm documenting my dumb so the next time I search for this I'll find my own post and be reminded that my younger self was an idiot too. The issue was that the body of the REST call didn't match up perfectly with the DACL. What I ended up doing was a GET /protocols/file-security/permissions/{svm.uuid}/{path} for the volume I was trying to remove the DACL on to see exactly what details were. Then I copied and pasted those details into the REMOVE call. Clean up the call a little (remove the user line and the synchronize line), hit go and it works. I think my forehead was getting soft beating it against the wall. So there ya go. I hope this helps someone. 🙄

View solution in original post

1 REPLY 1

ThatGuyJ
1,071 Views

Ok, I'm just gonna keep answering my own questions within an hour of posting thing. I really hope someone reads this and has a good laugh. I feel real dumb, so I'm documenting my dumb so the next time I search for this I'll find my own post and be reminded that my younger self was an idiot too. The issue was that the body of the REST call didn't match up perfectly with the DACL. What I ended up doing was a GET /protocols/file-security/permissions/{svm.uuid}/{path} for the volume I was trying to remove the DACL on to see exactly what details were. Then I copied and pasted those details into the REMOVE call. Clean up the call a little (remove the user line and the synchronize line), hit go and it works. I think my forehead was getting soft beating it against the wall. So there ya go. I hope this helps someone. 🙄

Public