Ok, this post is a bit confusing.

It appears you want share level or NTFS level permissions within the vfiler, b/c you keep mentioning share.

If you are looking for vfiler acccess for a vfiler administrators group it would be   get-nadomainuser -g administrators

If you want share/ntfs permissions, you need to use Windows Powershell cmdlets with AD to pull them, like get-acl

You're right maybe i'm mixing two things. I'm not really interested in acls at all.

My task is to verify if to any of  vFiler local groups are added more domain accounts from the same or other domains

How Can i list all vFiler local groups with all accounts added to them ?

Local Group Name       Accounts added to local GP   

User_1                           Domain_1\User_1

                                       Domain_1\test_user

                                       Domain_Paris\MariaS

Ok, now I assume you mean the groups on the vfiler,

Did somone create more groups?   if so, use get-nagroup

But if you just want administrators use get-nadomainuser -g administrators

How to use Get-NaGroup  in context of  vFiler ?

Get-NaGroup  displays groups for netapp controller not vfiler

I have hundreds of local groups in vFiler so need to script in some way, i have function displaying accounts in local vFiler groups but need to first list all local vFiler groups and pass it to that function.

At this moment I tried:

Get-NAGroup | %{ $Group = [ADSI]"WinNT://<MY_VFILER_NAME>/$_,group"; EnumLocalGroup $Group

this doesn't work of course because Get-NAGroup is giving groups from controller not from MY_VFILER_NAME

Function EnumLocalGroup i have found here:

http://www.rlmueller.net/PowerShell/PSEnumLocalGroup.txt

it does what i need ..lists domain accounts added to local vFiler groups but for declared in the script vFiler and declared local group on vFiler.

When i have lots of local groups in vfiler i need to pass all groups to that function in some way ..unfortunatelly i'm  totally fresh in powershell and its not that easy for me

i'm not quite sure what you are doing.. It's pretty simple... 

Connect to the vfiler directly either via rpc or https

Then run something like this

 get-nagroup | % {
$group = $_.name
get-nadomainuser -g $group | Select @{n='group';e={$group}},Name
}

At this point we are talking basic powershell and basic netapp powershell

tomorrow i will try to run the same command after 

Connect-NaController PhysicalFileName -Vfiler VfilerName

and will see if it will list domain accounts  for local vFiler groups 

wrong again

connect directly to the VFILER

connect-nacontroller vfilername

Unfortunately that line you wrote doesn't work

At line:1 char:36
+ get-nagroup | % { $group = $_.name get-nadomainuser -g $group | Select @{n='grou ...
+                                    ~~~~~~~~~~~~~~~~
Unexpected token 'get-nadomainuser' in expression or statement.
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : UnexpectedToken

Is what I wrote, what you typed?  NO

You need to hit enter after each line, exactly what you see above

and this is basic powershell at this point.. 

Sorry I can't assist anymore from here

I know it's very basic powershell and that somone from forum might know how to do it.

Yes, i wrote line by line, but  doesn't work anyway

It doesn't matter now because using function from

http://www.rlmueller.net/PowerShell/PSEnumLocalGro​up.txt

works exactly as i needed 

Get-NAGroup | %{ $Group = [ADSI]"WinNT://<MY_VFILER_NAME>/$_,group"; EnumLocalGroup $Group

thank you for your help

Cheers

Explorer

Hi,

Have you tried this?

Connect-NaController -Name <controller name> -Vfiler <vfiler name>

Get-NaGroup|ForEach-Object{
    "Group: $($_.Name)" 
    (Get-NaDomainUser -Group $_.Name).Name
}

I hope it helps you.