Active IQ Unified Manager Discussions

Create suid export-policy rule

john_szakacs
3,521 Views

   I am trying to create a cDOT export-policy rule that has 'allow-suid' set to true.

   The "Create export rule" does not have a reference to the allow-suid flag

   I created a new command and extended the command code to include it:

----/--

Added the parameter:

   [parameter(Mandatory=$true,HelpMessage="Allow SUID")]

   [string]$Suid

I added it to the expression:

... -ReadWriteSecurityFlavor" + $RwRule + " -allow-suid " + $Suid

That threw an error on unknown element

Created a new definition called SZ_Export_SUID_Rule and added a line with allow-suid

Changed the parameter in the command to reference that new definition and still get the errors.

What am I doing wrong?

Thanks in advance for the help.

-John

1 ACCEPTED SOLUTION

sinhaa
3,378 Views

John,

     WFA commands user cDOT Powershell Tookit cmdlets and not cDOT CLI commands. So for this export-rule create command, the cmdlet New-NcExportRule doesn't have any -allow-suid parameter. It uses a switch -EnableSetUid

So you can do the following:

## begin###

[parameter(Mandatory=$true,HelpMessage="Allow SUID true/false")]

   [bool]$Suid

if($Suid)

{

  $expression = "New-NcExportRule -ErrorAction Stop -VserverContext " + $VserverName + " -Policy " + $PolicyName + " -ClientMatch " + $ClientMatch + " -ReadOnlySecurityFlavor " + $RoRule + " -ReadWriteSecurityFlavor " + $RwRule + " -EnableSetUid"

}

else {

  $expression = "New-NcExportRule -ErrorAction Stop -VserverContext " + $VserverName + " -Policy " + $PolicyName + " -ClientMatch " + $ClientMatch + " -ReadOnlySecurityFlavor " + $RoRule + " -ReadWriteSecurityFlavor " + $RwRule + " -DisableSetUid"

}

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

3 REPLIES 3

abhit
3,378 Views

When are you getting this error?

Did you do a Discover Paramaters after you added the new parameters to the command?

Regards

Abhi

sinhaa
3,379 Views

John,

     WFA commands user cDOT Powershell Tookit cmdlets and not cDOT CLI commands. So for this export-rule create command, the cmdlet New-NcExportRule doesn't have any -allow-suid parameter. It uses a switch -EnableSetUid

So you can do the following:

## begin###

[parameter(Mandatory=$true,HelpMessage="Allow SUID true/false")]

   [bool]$Suid

if($Suid)

{

  $expression = "New-NcExportRule -ErrorAction Stop -VserverContext " + $VserverName + " -Policy " + $PolicyName + " -ClientMatch " + $ClientMatch + " -ReadOnlySecurityFlavor " + $RoRule + " -ReadWriteSecurityFlavor " + $RwRule + " -EnableSetUid"

}

else {

  $expression = "New-NcExportRule -ErrorAction Stop -VserverContext " + $VserverName + " -Policy " + $PolicyName + " -ClientMatch " + $ClientMatch + " -ReadOnlySecurityFlavor " + $RoRule + " -ReadWriteSecurityFlavor " + $RwRule + " -DisableSetUid"

}

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

john_szakacs
3,378 Views

Sinhaa -

    Very helpful.  I will take a look at that toolkit for future reference.  Thanks much!

Cheers,

john

Public