Table of ContentsView in Frames

How privileged delete works

By default, a newly created SnapLock Enterprise volume does not allow privileged delete operations. The initial state of the privileged delete feature in a SnapLock Enterprise volume is off. Therefore, to use privileged delete, you need to enable the privileged delete option in the SnapLock Enterprise volume.

Each SnapLock Enterprise volume has one of the following options for the privileged delete functionality:

You can transition the volume option between the three values. However, you cannot enable the privileged delete functionality on a volume for which the option is disallowed.

The SnapLock log captures any change made to the privileged delete configuration, along with the delete events. Therefore, before transitioning between the privileged delete options on the volume, you must assign a SnapLock log volume in the system. In certain scenarios, where the volume option for the privileged delete feature is set to on, the privileged delete operations might fail. This happens because the SnapLock log file is unavailable. For example, it can happen when the SnapLock log volume is offline.

The privileged delete state of the SnapLock Enterprise volume is a property of the data contained in the SnapLock Enterprise volume. For SnapLock Enterprise volumes, the initial state of the privileged delete feature is off; for SnapLock Compliance volumes, the initial state of the privileged delete feature is disallowed. In addition, when you upgrade a SnapLock Enterprise volume to Data ONTAP 7.3 for the first time, the initial state of the privileged delete feature is off. You can transition the privileged delete state of a SnapLock Enterprise volume to on, off, or disallowed by using the snaplock options command.
Note: When you transition a SnapLock Enterprise volume to disallowed privileged delete state, you cannot use the snaplock options command to change the state again.

In the case of a volume SnapMirror relationship, the state of the privileged delete option on the source volume is transparently transferred to the destination volume. If a SnapLock Enterprise volume in disallowed state is a volume SnapMirror destination and you use a vsm transfer, vol copy, or aggr copy command to transfer data from the source volume, the SnapLock Enterprise volume can transition out of the disallowed privileged delete state to the privileged delete state of the source.

The SnapLock privileged delete functionality was introduced in the Data ONTAP 7.3 release family starting with release Data ONTAP 7.3.1; it was not available in earlier releases. If you revert to any release earlier than Data ONTAP 7.3, the privileged delete state of the SnapLock Enterprise volume is maintained. When the system is upgraded again to a Data ONTAP 7.3 or later, the saved privileged delete state of the SnapLock Enterprise volume is restored from the earlier saved volume metadata.