Skip to main content
NetApp Knowledge Base

User are shows as a member of a local group when they are not a member of that group

Views:
360
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP9
  • Local CIFS Groups
  • NTFS

Issue

  • For a given local group, a user is not a member but still has access to files as a member of that group:

cluster::> cifs users-and-groups local-group show-members -vserver SVM1 -group-name BUILTIN\Users
There are no entries matching your query.

 

  • The output of access-check authentication show-creds for that user reports that the user is a member of the group (must be run from advanced mode):

cluster::*> access-check authentication show-creds -node cluster-01 -vserver SVM1 -win-name User1
  (vserver services access-check authentication show-creds)

 UNIX UID: pcuser <> Windows User: DOMAIN\User1 (Windows Local User)
 
 GID: pcuser
 Supplementary GIDs:
  pcuser

 Primary Group SID: DOMAIN\None (Windows Domain group)

 Windows Membership:
  BUILTIN\Users (Windows Alias)
 User is also a member of Everyone, Authenticated Users, and Network Users

 Privileges (0x2237):
  SeBackupPrivilege
  SeRestorePrivilege
  SeTakeOwnershipPrivilege
  SeSecurityPrivilege
  SeChangeNotifyPrivilege

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.