B.16 nsschown

Use this utility to change and list the owners of the NSS files and directories, to identify the files and directories that have obsolete owners, and to list or change the files owned by a owners in a directory or volume level. It is available from Open Enterprise Server 11 SP2 onwards.

B.16.1 Syntax

nsschown -l <path> -r <yes/no> {-g <oldGUID> | -S <oldSID> | -u <olduserFDN> | -U <oldADUserName> | -a | -i [-b <bind_FDN>] [-p <password>]} [-n <newuserFDN> | -N <newADUserName>] [-e]

NOTE:nsschown utility does not support paths containing *.

B.16.2 Options

Usage Options

-l <path>

To list or replace the ownership of a specified directory.

-r <yes/no>

To list or replace the ownership of the specified directory, the files and sub-directories. The default is yes and that will list or replace the entire directory. If set to no, it will list or replace only the specified directory or file.

-g <oldGUID>

To list or replace all the files and directories with a specified owner GUID.

-S <oldSID>

To list or replace all files and folders with a specified owner’s SID.

-u <Old_User_FDN>

To list or replace all the files and directories with a specified owner. The owner can be a fully qualified FDN or root.

-U <oldADUserName>

To list or replace all files and folders with specified active directory owner. It can be DN or root. The AD user name format is NETBIOSNameOfDomain\\username.

-a

To list or replace all the files and directories irrespective of the current owner.

-i

To list or replace all the files and directories having invalid owner IDs.

-b <Bind_FDN>

Provide a user FDN that has browse rights at root tree level. This user will be used to login to the eDirectory tree for doing a tree-wide lookup for owner GUIDs. By default, [Public] has browse tree right. User FDN and password must be provided if [Public] does not have browse tree rights.

-p <password>

Provide the appropriate user FDN password for the eDirectory login. Failing which you will be prompted to provide a password.

-n <new_user_FDN>

To replace the ownership of all the files or directories found with the new user. It can be FDN or root.

-N <newADUserName>

To change the ownership of all the files and folders with the new active directory user. It can be DN or root. The AD user name format is NETBIOSNameOfDomain\\username.

-e

To list or replace the owner of all extended attributes and data streams.

-v

To display the program version information.

Examples

  • To list the owners of all files and directories under the directory named “dir”:

    nsschown -l CVOL:dir -a

  • To list the owners of all the files and directories under the directory named “dir” along with all the extended attributes and data streams:

    nsschown -l CVOL:dir -a -e

  • To replace owners of all files and directories under “CVOL:dir” that have owner GUID as “1234567a-7834-0000-00-12-123456781234” with the user “.newuser.context.tree.”. This includes all files and sub-directories under the “dir” directory.

    nsschown -l CVOL:dir -g 1234567a-7834-0000-00-12-123456781234 -n .newuser.context.tree.

  • To replace owners of all files and directories under “CVOL:dir” that have owner name as “.olduser.context.tree.” with the user “.newuser.context.tree.”. This includes all files and sub-directories along with all the extended attributes and data streams under the “dir” directory.

    nsschown -l CVOL:dir -u .olduser.context.tree. -n .newuser.context.tree. -e

  • To replace the ownership of “CVOL:dir” alone with the new user “.newuser.context.tree.”.

    nsschown -l CVOL:dir -r no -a -n .newuser.context.tree.

  • To list all files and directories under “CVOL:dir” that have invalid owners, and the eDirectory login credentials used to valid the owners are “.loginuser.context.tree.” and “password123”.

    nsschown -l CVOL:dir -i -b .loginuser.context.tree. -p password123

  • To replace all the owners of all files and directories under “CVOL:dir” that have owner’s SID as S-1-2-21-3975909043-813829848-2338043596-1107 with the eDirectory user .newuser.context.tree.

    nsschown -l CVOL:dir -S S-1-2-21-3975909043-813829848-2338043596-1107 -n .newuser.context.tree.

  • To replace all the owners of all files and directories under “CVOL:dir” that have owner’s SID as S-1-2-21-3975909043-813829848-2338043596-1107 with the Active Directory user NETBIOSNameOfDomain\\joe.

    nsschown -l CVOL:dir -S S-1-2-21-3975909043-813829848-2338043596-1107 -N NETBIOSNameOfDomain\\joe

  • To replace all the owners of all files and directories under “CVOL:dir” that have AD owners NETBIOSNameOfDomain\\fromUser with the new AD owner NETBIOSNameOfDomain\\toUser.

    nsschown -l CVOL:dir -U NETBIOSNameOfDomain\\fromUser -N NETBIOSNameOfDomain\\toUser

  • To replace all the owners of all files and directories under “CVOL:dir” that have AD owners NETBIOSNameOfDomain\\fromUser with the new eDirectory owner .newuser.context.tree.

    nsschown -l CVOL:dir -U NETBIOSNameOfDomain\\fromUser -n .newuser.context.tree.