ONTAP Discussions

Script needed - Which CIFS shares are also exported to Linux?

Livewire18
3,039 Views

We are in the process of upgrading a few hundred SVMs to VFilers to LDAP and part of the project I am being asked to gather a list for our Linux support group. They are wanting to gather a list of all CIFS share that ALSO are exported. I have beeing digging through things for a while and here is what I believe needs to be done. 

Cluster Mode

1) Gather All Namepsaces that do not have default export policy (will work for us as we never use default)

2) Gather list of all export policies

3) Gather list of all CIFS Shares

This shouldn't be to bad, but will be time consuming because it is over about 100 Cluster/7 Mode HA Pairs. 

Then, it is really working the data in Excel to determine overlaps. 

 

BUT. We do have OCUM and DFM running, along with WFA so I can connect to the MySQL Database and cross reference also, but this is where I am getting lost.

 

Just so that I am not re-creating the wheel here, does anyone have a script or MySQL select statement already made?

4 REPLIES 4

asulliva
3,004 Views

Hello @Livewire18,

 

I can't help with an OCUM query, but getting the information using the PowerShell toolkit is relatively easy...

 

Get-NcVserver | ?{ $_.VserverType -eq "data" } | %{
    $svm = $_.Vserver

    Write-Host "SVM $($svm)"

    Get-NcVol -Vserver $svm | ?{ $_.JunctionPath -ne $null -and $_.VolumeExportAttributes.Policy -ne $null -and $_.VolumeStateAttributes.IsVserverRoot -eq $false } | %{
        $volName = $_.Name

        $share = $false

        Get-NcCifsShare -VserverContext $svm -Query @{ Path = "!/" } | %{
            if (($_.Path -split "/")[1] -eq $volName) {
                $share = $true
            }
        }
        
        $cifs = $false
        $nfs = $false

        Get-NcExportPolicy -Vserver $svm -Name $_.VolumeExportAttributes.Policy | Get-NcExportRule | %{
            if ($_.Protocol -contains "nfs" -or $_.Protocol -contains "any") {
                $nfs = $true
            }

            if ($_.Protocol -contains "cifs" -or $_.Protocol -contains "any") {
                $cifs = $true
            }
        }

        if ($cifs -and $nfs) {
            Write-Host -NoNewline -ForegroundColor Blue "  Volume $($volName) is accessible by CIFS and NFS"
        } elseif ($cifs -and !$nfs) {
            Write-Host -NoNewline -ForegroundColor Yellow "  Volume $($volName) is accessible by CIFS"
        } elseif ($nfs -and !$cifs) {
            Write-Host -NoNewline -ForegroundColor Cyan "  Volume $($volName) is accessible by NFS"
        } else {
            Write-Host -NoNewline -ForegroundColor Red "  Volume $($volName) is junctioned, but has no export rules"
        }

        if ($share) {
            Write-Host -NoNewline -ForegroundColor Magenta " and has a CIFS share configured"
        }

        # add the newline
        Write-Host
    }
}

This would change a bit for 7-mode systems, but the principles are the same.

 

Hope that helps.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Livewire18
2,960 Views

Thanks, this gets me going in the right direction at least. 

There is only one concern though. It does not look like this includes qtree exports. Is that correct?

asulliva
2,943 Views

Correct, I didn't include anything for qtrees...it only checks to see if the volume is junctioned and there is an export policy with cifs and/or nfs enabled.

 

Andrew

If this post resolved your issue, please help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Livewire18
2,902 Views

@asulliva 

THANKS FOR  YOUR HELP!

 

It's getting closer. I have made some changes and added some comments, but I am still lacking a bit. I cannot figure out hot to iterate throught the Namespace qtree's. Currently, it is only showing the volume level Namespaces which doesn't help much. 

 

 

This is what I am trying to gain.

 

1) If Volume is Exported (but not to default or no_access Export Policies) then list the volume and all qtrees IF they are also CIFS shares.

2) If the Volume is not exported (or is exported to default or no_access), but the qtree's are exported and shared CIFS then list just the qtree's. 

 

I think I have 90% of it now (THANKS!) but I need the qtree namespaces to be included for a complete list. 

 

# run - Import-Module DataOntap
# run - Connect-NcController xxx.xxx.xxx.xxx or hostname


#Get all SVM's on a Cluster
Get-NcVserver | ?{ $_.VserverType -eq "data" } | %{
    $svm = $_.Vserver
    
    #Write-Host -ForegroundColor Red "`tSVM $($svm)"

    
    #Get all volumes from SVM
    Get-NcVol -Vserver $svm | ?{ $_.JunctionPath -ne $null -and $_.VolumeExportAttributes.Policy -ne $null -and $_.VolumeStateAttributes.IsVserverRoot -eq $false } | %{
        $volName = $_.Name
        $junctionpath = $_.JunctionPath

        $share = $false

            #Determine if any CIFS shares exist on Volume
            Get-NcCifsShare -VserverContext $svm -Query @{ Path = "!/" } | %{
            
                if (($_.Path -split "/")[1] -eq $volName) {
                   
                    $share = $true
                    }
            }
        
            $nfs_and_cifs = $false

            #Check Export Policy for volume
            Get-NcExportPolicy -Vserver $svm -Name $_.VolumeExportAttributes.Policy | Get-NcExportRule | %{
        
                #If export policy is Default or No_Access, ignore it
                if ($_.PolicyName -ne "default" -and $_.PolicyName -ne "no_access") {
                
                    if (($_.Protocol -contains "nfs" -and "cifs")-or $_.Protocol -contains "any") {
                        $nfs_and_cifs = $true
                    }
                }
            }
        
            Write-Progress -Activity "Scanning Volume $volName"
        
            #Check if accessible by CIFS and NFS and is a share       
            if (($nfs_and_cifs) -and ($share)){
                Write-Host -ForegroundColor Green "`t`t$($svm):$junctionpath `t(Volume $volName)"
                Get-NcCifsShare -VserverContext $svm -Query @{ Path = "!/" } | %{
            
                if (($_.Path -split "/")[1] -eq $volName) {
                    write-host "`t`t`t`t$($svm):$($_.Path)"
                }
         }
        } 


        
    }
}
Public