ONTAP Discussions
ONTAP Discussions
There is a requirement in my organization. I have to find the stale CIFS sessions and list them across the globe. Is there any command or process to find them?
Solved! See The Solution
You can do it with a couple lines of PowerShell (RegEx with the assist) which could easily be put into a script that loops through a list of all of your controllers.
Let's assume that you want to find sessions with an IdleTime value of greater than one day:
Connect-NcController <controller hostname or IP>
Get-NcCifsSession | ? {$_.IdleTime -Match '([1-9]+)d[\w\s]*'} | Select-Object WindowsUser,Address,IdleTime
It'll return output that looks like this:
WindowsUser Address IdleTime ----------- ------- -------- Domain\user1 10.0.0.42 28d 1h 50m 47s Domain\user2 10.0.0.218 26d 20h 34m 51s Domain\user3 10.0.0.219 1d 9h 15m 6s
Here's an explanation of what the RegEx pattern does, for reference:
Donny
From storage end, you can run below command to list all the cifs sessions:
::> cifs session show
You can use question mark followed by this command which will list out many filters which can be used.
Use "-instance" followed by complete command to get more details about cifs sessions.
From windows client, you can use below command to list out cifs sessions:
>net use
Stale cifs sessions can be found out by listing cifs sessions on storage end and comparing them with sessions running on client. If sessions are available on client but not listing out in storage then those sessions are stale and will not be accessible.
Let me know if this answers your query.
Hi @ManpreetS
I know how to check CIFS sessions on NetApp, but here is the actual requirement, we are trying to write a script to find the stale sessions in all the NetApp Arrays. If you know how to proceed further. Please guide me through the process.
You can do it with a couple lines of PowerShell (RegEx with the assist) which could easily be put into a script that loops through a list of all of your controllers.
Let's assume that you want to find sessions with an IdleTime value of greater than one day:
Connect-NcController <controller hostname or IP>
Get-NcCifsSession | ? {$_.IdleTime -Match '([1-9]+)d[\w\s]*'} | Select-Object WindowsUser,Address,IdleTime
It'll return output that looks like this:
WindowsUser Address IdleTime ----------- ------- -------- Domain\user1 10.0.0.42 28d 1h 50m 47s Domain\user2 10.0.0.218 26d 20h 34m 51s Domain\user3 10.0.0.219 1d 9h 15m 6s
Here's an explanation of what the RegEx pattern does, for reference:
Donny
Looks like you weren't able to successfully connect to your controller. Can you run "system services web show" from the ONTAP CLI and paste the output here?
Do you possibly have a firewall policy blocking the traffic? I'm assuming that you're connecting to your cluster management LIF in your screenshot - can you run "system services firewall policy show" and "net int show -role cluster-mgmt -fields firewall-policy" to make sure that your connection is allowed?
Can you try manually specifying an HTTPS connection by adding the "-HTTPS" parameter in your "Connect-NcController" command?
What version of ONTAP are you running?
Hi @donny_lang
I will test this script in LAB and see if it works as there will be no restrictions in LAB.
Thanks, Donny. I will get back to you soon.
You can also get it via CLI.
vserver cifs session show -node xxx -fields idle-time
You can then grep it for what you are looking for. Not as elegant as PS, but it gives you output.
Sorry; a better method to show you sessions idle for > than number of days would be:
vserver cifs session show -idle-time \>=1d
This would list all sessions idle over 1 day, the user, and the machine IP utilizing it.
hi @Tas
It was not successful. Please find the output below
cluster1::> vserver cifs session show -idle-time \>=1m
Error: "\>=1m" is an invalid value for field "-idle-time <elapsed>"
Yes. Sorry, but don't use the '\' if you are running directly in a session.
You only need to use it if you are scripting it, so you can escape the > (redirect symbol).
TasP
Hi @Tas
I have tried with both, but no use.
Script:
import paramiko
#Below line will initiate an object for ssh connectivity.
p = paramiko.SSHClient()
#Below line will open a the credential file in read mode where we have credential fo the devices.
cred = open("cred.csv","r")
#Now below is the for loop which will iterate over each line of the file and get the credential, login to the device and execute a command. Then the output of the command for each device will be saved in a text file.
for i in cred.readlines():
line=i.strip()
ls =line.split(",")
print(ls)
p.set_missing_host_key_policy(paramiko.AutoAddPolicy())
p.connect("%s"%ls[0],port =22, username = "%s"%ls[1], password="%s"%ls[2])
stdin, stdout, stderr = p.exec_command("vserver cifs session show -idle-time \>=1d")
opt = stdout.readlines()
opt ="".join(opt)
print(opt)
temp=open("%s.txt"%ls[0],"w")
temp.write(opt)
temp.close()
cred.close()
I have tried above script with \ and with out \, but i got error like below.
I would suggest you try it directly in an ssh session; then you will know whether it will work or not. I would also make you idle time >=1d to start testing.
BTW, you are running ONTAP (Clustered Ontap and not 7-mode?)