ONTAP Discussions
ONTAP Discussions
Please could someone tell me how to access /etc so I can edit files. This is without an NFS / CIFS license...
Can I use the cli etc....?
Hi,
You actually don't need CIFS license to access administrative ('hidden') share:
\\<your_filer_dns_name_or_ip_address>\c$
/etc is one of subdirectories in there.
Regards,
Radek
Hi Radek
This is what I thought originally, however it does not seem to work "No network provider accepted the given network path" - I have checked the machine is allowed admin access.
I noticed on page 40 of the DOT 8.0 7-Mode Admin Guide that it states you need a CIFS license for this type of admin access????
Regards
Weird one. It used to work like that for ages, but apparently it has changed recently (at least according to the admin guide).
The only trouble I had in the past accessing c$ share without CIFS license was around access rights problems when filer is not a part of AD domain.
Hi there,
question, which files you want edit ? You could use wrfile command
regards
Lutz
The FAS is not joined to the domain, is it worth joining if I will not be using cifs for data storage??? - Also, despite what the guide says, do you think joining the domain will allow cifs access to /etc (without license)?
I am looking to edit snapmirror.allow, however I would like to know how to edit all files (easly) for the future.....
this file is small, so you wouldn't have a problem with "wrfile", alternative you could set the "options snapmirror.access"
Please expand on options snapmirror.access (what is the diff?? etc).
How do I use wrfile?
Is there no other way to modify files etc?
Regards
Via PowerShell from a host running the Data ONTAP PowerShell Toolkit:
Connect-NaController DestinationFiler -Credential (Get-Credential)
Write-NaFile /vol/vol0/etc/snapmirror.allow -AppendLine "Sourcefiler"
This will connect to the controller "DestinationFiler" via HTTPS and prompt for credentials. After connecting it adds the controller "SourceFiler" to the snapmirror.allow file.
J
wrfile is dangerous. you use it like this. but best test it on an emulator before!
* open ssh to the filer console (with putty for example)
* type
rdfile /etc/rc
or whatever file you want to edit. It will print out the current contents of the file
* copy this content to a Notepad or other text editor
* edit/change anything you want in the text
* when you're done, type
wrfile /etc/rc
* then QUICKLY copy/paste your modified text into the SSH console
* press CTRL-C to save the file and you're done. try "rdfile" again to check your changes were correctly saved
the problem is that wrfile DELETES the file as soon as you enter the command so you must be prepared to paste in the new content
and if you forget to do CTRL-C at the end you will remain in "wrfile" mode and everything you type will end up in the file you tried to edit. Even if you logout SSH and later log in again, you will still be writing to the file, which can be quite annoying to say the least
please test on a simulator before you go productive
-Michael
This is great info, thanks
I often use the mv command prior to wrfile then I have a backup (or create a snapshot too)... "priv set advanced ; mv /etc/snapmirror.conf /etc/snapmirror.conf.ccyymmdd" then exactly as written above to rdfile, copy and edit in an editor then wrfile back. Worst case, I can mv from the ccyymmdd copy back to the original file name.
hi scott,
Careful my friend. MV as you know MOVES the file, it does not copy it. I ve made the mistake of using MV file before changing
a file and not have the content that was in the file prior to running MV command. That in fact created a new file that didnt
contain all info needed. It is an easy mistake to make.
the approach you suggest rather than using MV command create a snapshot of the root volume is much safer. If you have CIFS running, map the snapshot and be ready just in case. If you have not got CIFS access you can still restore using <snap restore> command.
you can also ADD to a file using wrfile ie,
wrfile -a /etc/hosts 192.168.1.2 hostname
This will add <192.168.1.2 hostname> to the end of an existing file. So long the entry is sane its a very safe approach.
Cheers,
Eric
I have never had a problem with mv and often use it... although in the wrong hands or misused it could be an issue. I don't like wrfile -a since the order of the file is hard to follow after. It can always be moved back... the error sometimes though on a typo can be bad for example copying or moving rc to hosts or vice versa. Creating a snapshot before anything always saves the day. Or rdfile on the new filename where it was moved and wrfile back if move to the wrong place. More of what the admin is comfortable with and prefers.
options snapmirror.access is the newer way to allow systems access for snapmirror pulls. You would use it just like any other options setting for hosts. The syntax from the man page is below:
options snapmirror.access host=systemA,systemB
I had same problem browsing both /etc$ and /c$ resolved after running CIFS setup again selecting 1) Active Directory domain authentication I could access from a server in the same domain.
The problem as I saw it was correct authentication from my Win7 box on a different domain (not even part of same forest), once using a box in same domain I wasn't even challenged and could browse both.
In my simulator I use a username local to the controller. if user ADM exists on the controller you should be able
to login using
local\ADM
in the authentication box. Im not 100% sure if that would work in AD mode as I always run my SIMs in workgroup mode (local file authentication). Still worth a try. If you try can you feedback here please?
Cheers,
Eric
Hello nsitps1976
Going by the old adage of 'better late than never,' the following might help.
Run the following lines from the CLI (please be careful if this is a production box):
options sftp.enable on
options sftp.auth_style unix
options security.admin.authentication nsswitch
wrfile -a /etc/passwd sftpuser:_J9..IMv76dJgB/sqpf.:0:1::/:
wrfile -a /etc/group daemon:*:1:
Then you can use WinSCP or a similar SFTP program to log into the Filer with username=sftpuser and password=cifs*123 and have your way with the /etc folder. This does not need CIFS or NFS license.
The following blog post has more details: http://cosonok.blogspot.com/2012/01/netapp-data-ontap-81-enabling-sftp.html
Cheers
Very handy - thanks David...