Here I will help you out   get-nahelp *shelf* ... View more

Those are two separate entire entities.  It's basic windows, two constructs, Share ACLs' and File System ACLs.   When you create a file system, the default permissions are everyone/full control.  I don't think that's modifiable.  Same with shares, you need to go edit them and create access lists.   But the standard practice in the industry is either   share level - everyone / full control or authenticated users - full control ntfs - this is where you lock the files down with security groups etc.   There is no concept of pushing down permissions from a share to a file system.     This is a good read - https://blog.varonis.com/the-difference-between-share-and-ntfs-permissions/ ... View more

You are displaying two different things.   You are displaying share level permissions vs ntfs file level permissions.       ... View more

I'm not sure what you are saying here. Are you talking Netapp share permission? Can you give us a deeper example ... View more

 Looks ok.   Try this   "set -privilege advanced -confirmations off; storage firmware download -node $($node) -package-url $($DownloadPath)"   ... View more

That's not correct.   Since you are talking 7-mode, you need to look at the snap sched commands    snap sched vol0   snapmirror.conf only applies to the destination snapmirror to tell it when to mirror ... View more

Well, what's interesting is I just fed in `n = new line in powershell.  I tried what you did with - but it told me - isn't valid.  Then I asked myself why did it show me that - with the policy with no label.   I also tried $null, no dice.   I think it's a bug and should be fixed  "" should work ... View more

First of all, you always want to try to use the builtin cmdlets when they are available.   Look at get-ncsystemversion.  That should do the trick.   I only tend to use invoke-ncssh when necassary ... View more

To my knowledge, the snaps will stay ... View more

Time to upgrade my friend.  7.3.x is VERY old.  Almost ancient at this point ... View more

When you add the other two roles to security login, when you login via the webbrowser you need to login as    domain\userid password ... View more

Nope ... View more

You can thin provision it and your problem will go away.   vol options volname fs_size_fixed off    Then you can either resize it.   Fractional reserve only plays into it if you have luns.   ... View more

At this point it's either something very simple that we are missing or something complex, which I don't think.  I'm going with the first one.   I would suggest opening a case b/c it should work.   Have you tried to create a brand new vserver in the lab and start from scratch to see if things work. ... View more

We have a very large environment as well and i cannot for the life of me figure out why something so trivial isn't working.   Ok, try this   in cDOT   go to diag mode (set d)   diag sec  login-cifs -vserver smvname -user domain\userid -node node   When the command returns, at the bottom you should see this   BUILTIN\Administrators (Windows Alias) BUILTIN\Users (Windows Alias) User is also a member of Everyone, Authenticated Users, and Network Users Privileges (0x22b7): SeBackupPrivilege SeRestorePrivilege SeTakeOwnershipPrivilege SeSecurityPrivilege SeChangeNotifyPrivilege Authentication Succeeded.     Make sure you are using an account in builtin\adminsitrators   Let me know if you get a response back   If not, sometimes secd cache is jacked up.  I've seen this happen   ... View more

Ok, so you explicitly remove builtin\adminstrators when you are provisioning and then you want it back to a standard as what you are saying?   I personally believe you are making your life more difficult.   We always let NTFS control permissions.  So we also leave everyone/full_Control at share level, and not worry about acling the share and worry about controlling perms at NTFS level.     When you say things aren't working, what exactly isn't working?   Also, do you map root to builtin group?   for cDOT - this vserver cifs options -  Are Administrators mapped to 'root': true   7-mode - options wafl.nt_admin_priv_map_to_root         ... View more

This is quite a common setup throughout the industry.  Are you saying that when you provisioned the system, you don't provision builtin\administrators to the NTFS file system?   I'm trying to understand how your share vs ntfs file system security is setup   Generally   Share - everyone- full   or authenticated users - full NTFS permission - builtin\administrators - full    User Group - modify ... View more

I will never say 100%, but just if i'm talking basics you cannot replicate between 7-mode and cdot unless its a TDP.   Ive been doing this a very long time so let's say i'm 99%     ... View more

Ok, that will not work.    You will need ontap 9 - ontap 9,    7-mode is legacy and will only replicate with a TDP (transitional snapmirror) for migration.   If you have live data on 7-mode you need to migrate to Ontap 9.  There is no upgrade plan. ... View more

Unless you are doing a TDP to the cloud, at which I don't know.. ... View more

7-mode will not go to the cloud   But if you figure it out, let us know ... View more