By default, a newly created SnapLock Enterprise volume does not allow privileged delete operations. The initial state of the privileged delete feature in a SnapLock Enterprise volume is off. Therefore, to use privileged delete, you need to enable the privileged delete option in the SnapLock Enterprise volume.
You can transition the volume option between the three values. However, you cannot enable the privileged delete functionality on a volume for which the option is disallowed.
The SnapLock log captures any change made to the privileged delete configuration, along with the delete events. Therefore, before transitioning between the privileged delete options on the volume, you must assign a SnapLock log volume in the system. In certain scenarios, where the volume option for the privileged delete feature is set to on, the privileged delete operations might fail. This happens because the SnapLock log file is unavailable. For example, it can happen when the SnapLock log volume is offline.
In the case of a volume SnapMirror relationship, the state of the privileged delete option on the source volume is transparently transferred to the destination volume. If a SnapLock Enterprise volume in disallowed state is a volume SnapMirror destination and you use a vsm transfer, vol copy, or aggr copy command to transfer data from the source volume, the SnapLock Enterprise volume can transition out of the disallowed privileged delete state to the privileged delete state of the source.
The SnapLock privileged delete functionality was introduced in the Data ONTAP 7.3 release family starting with release Data ONTAP 7.3.1; it was not available in earlier releases. If you revert to any release earlier than Data ONTAP 7.3, the privileged delete state of the SnapLock Enterprise volume is maintained. When the system is upgraded again to a Data ONTAP 7.3 or later, the saved privileged delete state of the SnapLock Enterprise volume is restored from the earlier saved volume metadata.