Passing parameters which include spaces / blank

narendrathawani · ‎2014-08-30

I’m trying to create a workflow where I need to remove the default "MyDomin\Domain Admins" Member from "BUILTIN\Administrators" Group on a SVM.

On command line, it works as follows:

nas002::> vserver cifs users-and-groups local-group show-members -vserver nas0029 -group-name BUILTIN\Administrators

Vserver Group Name Members

-------------- ---------------------------- ------------------------

nas0029 BUILTIN\Administrators NAS0029\Administrator

MyDomain\Domain Admins

2 entries were displayed.

nas002::> vserver cifs users-and-groups local-group remove-members -vserver nas0029 -group-name BUILTIN\Administrators -member-names "MyDomain\Domain Admins"

nas002::> vserver cifs users-and-groups local-group show-members -vserver nas0029 -group-name BUILTIN\Administrators

Vserver Group Name Members

-------------- ---------------------------- ------------------------

nas0029 BUILTIN\Administrators NAS0029\Administrator

nas002::>

But I couldn't make it work on either Powershell or on WFA.

PS C:\Users\abc> Remove-NcCifsLocalGroupMember -Name BUILTIN\Administrators -Member "MyDomain\Domain Admin"
Remove-NcCifsLocalGroupMember : Failed to resolve name "Admin".
At line:1 char:30
+ Remove-NcCifsLocalGroupMember <<<< -Name BUILTIN\Administrators -Member "MyDomain\Domain Admin"
+ CategoryInfo : InvalidOperation: (nas002:NcController) [Remove-NcCifsLocalGroupMember], EAPIERROR
+ FullyQualifiedErrorId : ApiException,DataONTAP.C.PowerShell.SDK.Cmdlets.Cifs.RemoveNcCifsLocalGroupMember

PS C:\Users\abc>

On WFA, I created a custom command and passing the values as follows:

Remove-NcCifsLocalGroupMember -Name $LocalGroupName -Member $UserOrGroupName -ErrorAction Stop

And I get the same error message

Failed to resolve name "Admins".

The command is not accepting blank with -Member "MyDomain\Domain Admin" (on PowerShell command line) or "MyDomain\\Domain Admin"

on WFA.

Has anyone run into issues with passing blank / space ?

Thanks,

sheelnidhig · ‎2014-09-01

Try singles quotes (') instead of double quotes (").

,Sheel

olson · ‎2014-09-04

This is a known issue

use “`”Domain Admins`””

To get around the problem.

victor_sylvester · ‎2014-09-11

I am having a similar problem, using powershell to add a domain user or group with spaces to a local VSM group.

I have used:

add-NcCifsLocalGroupMember -VserverContext uklontst700 -name BUILTIN\Administrators -member "BAM\UK Lon G ISS Wintel"

add-NcCifsLocalGroupMember -VserverContext uklontst700 -name BUILTIN\Administrators -member “"BAM\UK Lon G ISS Wintel"”

and

add-NcCifsLocalGroupMember -VserverContext uklontst700 -name BUILTIN\Administrators -member "`"BAM\UK Lon G ISS Wintel`""

None of which have worked.

narendrathawani · ‎2014-09-11

For now, I'm using ssh and seems to be working .. till we have a fix.

$commandString = "vserver cifs users-and-groups local-group remove-members -vserver " + $StorageVirtualMachineName + " -group-name BUILTIN\administrators -member-names " + " `"MS\Domain Admins`" "

Get-WFALogger -Info -message $("Removing Local User or Active Directory User or Group MS\Domain Admins on the Storage Virtual Machine " + $StorageVirtualMachineName + " from Local Group BUILTIN\administrators.'")

$result=Invoke-NcSsh -ErrorAction Stop -Command $commandString
if ($result.Value.Contains("Error:"))
{
$ErrorIndex=$result.Value.IndexOf("Error:")
throw $result.Value.SubString($ErrorIndex)
}

CoryM · ‎2016-09-14

Thanks Olson! That got me down the right track. I had to use that along with a double backslash:

#rsh [vfiler] cifs access [Share] " ' "Domain\\Domain Admins" ' " Full Control

I put the space between the double and single quotes only for better visibility here. The actual command had them right next to each other.

Cheers!

PHILIPALBERT · ‎2017-03-08

Anyone been able to make it work with multiples blank spaces?

It's working with the quotes for a group name with a single space, but if I have multiple it's not.

Exemple:

Is working:

cifs users-and-groups local-group add-members -vserver MyVserver -group-name builtin\Users -member-names "MyDomain\Domain Users"

Is NOT working:

cifs users-and-groups local-group add-members -vserver MyVserver -group-name builtin\Users -member-names "NT AUTHORITY\Authentificated users"

Thanks

sinhaa · ‎2017-03-09

@PHILIPALBERT

Are you trying from WFA? If yes then use Powershell cmdlets instead of SSH using Invoke-NcSsh to get this done. Powershell cmdlets have great advantage over running SSH commands.

Make sure the user exists Else Create it. Example I have multiple spaces in name

New-NcCifsLocalUser -UserName 'abhi kumar sinha' -Password (ConvertTo-SecureString “Netapp1!” -AsPlainText -Force) -VserverContext test_vserver

Now Add this user to Builtin\Users group

Add-NcCifsLocalGroupMember -Name BUILTIN\Users -Member 'abhi kumar sinha' -VserverContext test_vserver

Now you can see all Groups and the members in it:

Get-NcCifsLocalGroupMember -Vserver test_vserver

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

PHILIPALBERT · ‎2017-03-09

Hi sinhaa,

I'm not using WFA or powershell, I was writing the command using ONTAP cli.

Passing parameters which include spaces / blank

Get ready to power on