Network and Storage Protocols
Hi folks,
We have an extensive number of shares (over 1000 amongst many 1000s of shares) which have Everyone file permissions. Does anyone have any advice on how to identify these shares and which users are accessing the shares? Will any of the available NetApp tools provide this information?
From cluster CLI, use this command to find all shares with "Everyone" on the share ACL:
cifs share show -acl *Everyone*
That's for share-level permissions.
For file-level permissions, there's no easy way I know of outside of scripting out icacls.
I am aware of that but many thanks regardless. The problem I have is the shares are in the 1000s and the filers they're on are in the 100s so I need to script this somehow and get the users accessing each share so we can tie down the permissions to those users. It's a problem we've inherited.
That command also has a REST API you could use for a script.
For example:
curl -X GET "https://clusterIP/api/protocols/cifs/shares?acls.user_or_group=*Everyone*&return_records=true&return_timeout=15" -H "accept: application/json" -H "authorization: Basic YWRtaW46bmV0YXBwMSE="
This would be a sample of some of the output:
{
  "svm": {
    "uuid": "f6cc8539-75b3-11e9-8408-00a0986b1223",
    "name": "sharename"
  },
  "name": "public",
  "acls": [
    {
      "user_or_group": "Everyone"
    }
All good but doesn't address the "who is accessing the share" question.
That would be covered by "cifs session show," which also has an API.
From ONTAP CLI, this is what the command looks like:
cluster::*> cifs session show -node node1 -vserver SVM
Node:    node1
Vserver: SVM
Connection ID Session ID          Workstation      Windows User       Open Files Idle Time   Connection Count
------------- ------------------- ---------------- ------------------ --------- ------------ -----------------
787226810     3801882510430830604 x.x.x.x          NTAP\Administrator 3         10s          1
This is the REST API:
curl -X GET "https://clustername/api/protocols/cifs/sessions?return_timeout=15&return_records=true" -H "accept: application/json" -H "authorization: Basic YWRtaW46bmV0YXBwMSE="
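For the scripting question raised in the thread, an added example (not from any poster and not NetApp code) that joins the records returned by the two REST calls quoted above: it keeps the shares whose share ACL names Everyone and, per SVM, unions the users seen across repeated session polls, since a session listing only shows who is connected at that moment. The inputs are constructed sample data; the `records` wrapper and the session fields `user` and `client_ip` are assumptions to check against your ONTAP version's API reference.

```python
from collections import defaultdict

def everyone_shares(shares_resp):
    """Map SVM name -> sorted share names whose share ACL contains Everyone."""
    found = defaultdict(list)
    for rec in shares_resp.get("records", []):
        principals = [a.get("user_or_group", "") for a in rec.get("acls", [])]
        # Exact match: the *Everyone* wildcard in the query also matches
        # longer names that merely contain the word.
        if any(p.lower() == "everyone" for p in principals):
            found[rec["svm"]["name"]].append(rec["name"])
    return {svm: sorted(names) for svm, names in found.items()}

def session_users(polls):
    """Union (user, client) pairs per SVM over several session polls."""
    seen = defaultdict(set)
    for resp in polls:
        for rec in resp.get("records", []):
            # "user" and "client_ip" are assumed field names.
            pair = (rec.get("user", "?"), rec.get("client_ip", "?"))
            seen[rec["svm"]["name"]].add(pair)
    return seen

def report(shares_resp, polls):
    """Per SVM: Everyone shares plus every user seen connected to that SVM."""
    users = session_users(polls)
    return {svm: {"shares": names, "users": sorted(users.get(svm, ()))}
            for svm, names in everyone_shares(shares_resp).items()}

# Constructed sample data, not captured from a real cluster.
SHARES = {"records": [
    {"svm": {"name": "svm1"}, "name": "public",
     "acls": [{"user_or_group": "Everyone"}]},
    {"svm": {"name": "svm1"}, "name": "finance",
     "acls": [{"user_or_group": "NTAP\\Finance"}]},
    {"svm": {"name": "svm2"}, "name": "scratch",
     "acls": [{"user_or_group": "BUILTIN\\Administrators"},
              {"user_or_group": "Everyone"}]},
]}
POLLS = [
    {"records": [{"svm": {"name": "svm1"}, "user": "NTAP\\Administrator",
                  "client_ip": "192.0.2.10"}]},
    {"records": [{"svm": {"name": "svm1"}, "user": "NTAP\\alice",
                  "client_ip": "192.0.2.11"},
                 {"svm": {"name": "svm1"}, "user": "NTAP\\Administrator",
                  "client_ip": "192.0.2.10"}]},
]

if __name__ == "__main__":
    for svm, row in report(SHARES, POLLS).items():
        print(svm, row["shares"], row["users"])
```

The session listing shown in the thread identifies the SVM and the Windows user but has no share column, so this narrows the candidate users per SVM rather than proving which share each one opened.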