Dell DX6004S DX Object Storage Administration Guide - Page 25
Using Administrative Override, 4.7.1.1. Using Override to Delete an Object
View all Dell DX6004S manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 25 highlights
• Section 4.7.2, "Working With Inaccessible Objects" • Section D.1, "Restoring Domains and Buckets" • Section D.2, "Resolving Duplicate Domain Names in a Mirrored or Disaster Recovery (DR) Cluster" 4.7.1. Using Administrative Override Administrative override means bypassing the Castor-Authorization header as well as the Allow header, enabling you to perform any SCSP operation on an object. To use administrative override, you perform the SCSP operation using the admin query argument and authenticating with credentials from the CAStor administrator realm. For example, you can: • Delete an object that has delete restrictions because of security settings, Allow header, or both. • Get the user list for an object or upload a new user list to an object (for example, when a user forgets his or her password). • Restore access to an object that has an incorrect Castor-Authorization header. (For example, access to an object is limited to a realm that has no users.) • Access a deleted object. Important Do not change the Castor-Authorization header or user list on any object if the current header uses owner@ or @owner syntax object because when you do, you (the cluster administrator) become the object's owner and users in other realms cannot change the header later. Alternatively, ask the object's current owner to change the Castor-Authorization header or user list. For more information about owner@ or @owner, see the chapter on introducing security in the DX Object Storage Application Guide. 4.7.1.1. Using Override to Delete an Object For example, to delete an object named hello.html from cluster.example.com/mybucket as the default administrative user, you can use the following command: curl -X DELETE --location-trusted "http://172.16.0.35/mybucket/hello.html? admin" --anyauth -u "admin:ourpwdofchoicehere" --post301 -D admindelete.log If the object is not in the default cluster domain, you must pass in the domain name as the Host in the request. 4.7.1.2. Using Override to GET or APPEND User Lists If a user forgets if they have access to an object, you can use administrative override to GET the user list to verify whether or not their user name is in the list. If a user forgets their password, you can use administrative override to update the user list with the user's name and with a new password. Although you can update a user list using PUT, Dell recommends you use APPEND because PUT replaces the user list, which might disable other users' access to the same object. Copyright © 2010 Caringo, Inc. All rights reserved 20 Version 5.0 December 2010