Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class

Unable to use NSS Rights Utility for AD users


I'm trying to use the "rights" command line tool to manage trustee rights for directories on an NSS volume.

I can use it without issue for eDirectory users however when I try to use it for AD users I get an error.

I referenced the documentation here:

and it says:

"For Active Directory users, use the netbios name of the AD domain followed by the user name. For example, NETBIOSNameOfDomain\\user. "

NFARM works fine however I am trying to automate some processes which require me to use this tool in a script.

Here is an example of what I've been trying:

rights -f folder delete domain\\username

This results in:

Error removing trustee: Error: -610. NITERR_UNKNOWN_ERROR.
Bad user name.

I have also tried using only one \ which I didn't expect to work and got almost the same error message except the error code was -601.  I have tried using quotes around the username and also the full user DN.  None of these worked either.

These servers were configured by a previous member of the team who left before I joined so I have inherited them without much knowledge of their history.

If anyone has any suggestions it would be appreciated.


1 Reply
Micro Focus Expert
Micro Focus Expert

Please try the command as follows:

rights -f folder delete domain\\username -a


You should include -a in the rights command when adding, modifying, or removing AD trustees.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.