User are shows as a member of a local group when they are not a member of that group
Applies to
- ONTAP9
- Local CIFS Groups
- NTFS
Issue
- For a given local group, a user is not a member but still has access to files as a member of that group:
cluster::> cifs users-and-groups local-group show-members -vserver SVM1 -group-name BUILTIN\Users
There are no entries matching your query.
- The output of
access-check authentication show-creds
for that user reports that the user is a member of the group (must be run from advanced mode):
cluster::*> access-check authentication show-creds -node cluster-01 -vserver SVM1 -win-name User1
(vserver services access-check authentication show-creds)
UNIX UID: pcuser <> Windows User: DOMAIN\User1 (Windows Local User)
GID: pcuser
Supplementary GIDs:
pcuser
Primary Group SID: DOMAIN\None (Windows Domain group)
Windows Membership:
BUILTIN\Users (Windows Alias)
User is also a member of Everyone, Authenticated Users, and Network Users
Privileges (0x2237):
SeBackupPrivilege
SeRestorePrivilege
SeTakeOwnershipPrivilege
SeSecurityPrivilege
SeChangeNotifyPrivilege