ONTAP Discussions

NetApp PowerShell Toolkit NFS Reporting




using the NetApp PowerShell Toolkit  (Versions 3.1 and 9.7) I want to get a report about all the NFS exports.

So I used the cmdlet Get-NcNfsExport. But, the result lists write access at the root too. There is no write access, only read. Is this a bug of the cmdlet. Does anybody use this cmdlet too?






You need to start off updating your cmdlets, there is a much later version out.


Once that is done, please paste the command you are running


Thank you for answering.

I do not agrree. This version is from 11/2019 (9.7). Where do you find a newer one?



I'm confused, are you saying ontap 9 9.7 and powershell toolkit 3.1 or powershell toolkit 9.7


Either way, paste your command


Sorry, here the version information:


PSTK 9.6 (Installfile was named NetApp_PowerShell_Toolkit_9.7.0.msi, OntapiPS.dll 14.11.2019, Product Version


the command I used is

Get-NcNfsExport -VserverContext svm_xxxxx_nfs | select -ExpandProperty securityrules


First output is this (edited):

Pathname SecurityRules
-------- -------------
/ {False, False, False, False...}

Anon : 65534
NcController : clustername
Nosuid : False
ReadOnly : {several IP addresses and networks...}
ReadWrite : {several IP addresses and networks...}
Root : {several IP addresses and networks...}
SecFlavor : {sys}
NosuidSpecified : True


Wrong are the entrys at ReadWrite and Root. They have to be empty.


Can you share the output of the following commands? 


From the ONTAP CLI - "export-policy rule show -vserver <your SVM> -policyname default

From PowerShell - "(Get-NcNfsExport -VserverContext <your SVM> -Path /).SecurityRules"


We should be able to figure out from there what's going on - thanks!   


here is the CLI output (RW Access Rule: never):

2020-02-06 15_31_59-Window.jpg


Your "Superuser Security Types" for that rule index is set to "Any", so the "Root" output is correct based on how that portion of the rule is set up currently. However, it does look like the output is incorrect when the rwrule setting is set to "never" for some reason. In my lab, when I duplicated your policy but set the rwrule to "none", it returned a null value for the "ReadWrite" property. 


I tested it in the actual ZAPI call too and it is incorrect there as well. Looks like a bug of some sort.