ONTAP Discussions

NetApp PowerShell Toolkit NFS Reporting

Wir_hier_in_LE
6,019 Views

Hi,

 

using the NetApp PowerShell Toolkit  (Versions 3.1 and 9.7) I want to get a report about all the NFS exports.

So I used the cmdlet Get-NcNfsExport. But, the result lists write access at the root too. There is no write access, only read. Is this a bug of the cmdlet. Does anybody use this cmdlet too?

 

Regards,

Holger

7 REPLIES 7

JGPSHNTAP
5,996 Views

You need to start off updating your cmdlets, there is a much later version out.

 

Once that is done, please paste the command you are running

Wir_hier_in_LE
5,993 Views

Thank you for answering.

I do not agrree. This version is from 11/2019 (9.7). Where do you find a newer one?

 

JGPSHNTAP
5,987 Views

I'm confused, are you saying ontap 9 9.7 and powershell toolkit 3.1 or powershell toolkit 9.7

 

Either way, paste your command

Wir_hier_in_LE
5,982 Views

Sorry, here the version information:

ONTAP 9.3P1

PSTK 9.6 (Installfile was named NetApp_PowerShell_Toolkit_9.7.0.msi, OntapiPS.dll 14.11.2019, Product Version 9.7.0.0)

 

the command I used is

Get-NcNfsExport -VserverContext svm_xxxxx_nfs | select -ExpandProperty securityrules

 

First output is this (edited):

Pathname SecurityRules
-------- -------------
/ {False, False, False, False...}

Anon : 65534
NcController : clustername
Nosuid : False
ReadOnly : {several IP addresses and networks...}
ReadWrite : {several IP addresses and networks...}
Root : {several IP addresses and networks...}
SecFlavor : {sys}
NosuidSpecified : True

 

Wrong are the entrys at ReadWrite and Root. They have to be empty.

donny_lang
5,983 Views

Can you share the output of the following commands? 

 

From the ONTAP CLI - "export-policy rule show -vserver <your SVM> -policyname default

From PowerShell - "(Get-NcNfsExport -VserverContext <your SVM> -Path /).SecurityRules"

 

We should be able to figure out from there what's going on - thanks!   

Wir_hier_in_LE
5,980 Views

here is the CLI output (RW Access Rule: never):

2020-02-06 15_31_59-Window.jpg

donny_lang
5,970 Views

Your "Superuser Security Types" for that rule index is set to "Any", so the "Root" output is correct based on how that portion of the rule is set up currently. However, it does look like the output is incorrect when the rwrule setting is set to "never" for some reason. In my lab, when I duplicated your policy but set the rwrule to "none", it returned a null value for the "ReadWrite" property. 

 

I tested it in the actual ZAPI call too and it is incorrect there as well. Looks like a bug of some sort. 

Public