You should be always logging into the cluster via the cluster management IP.     Let's say you log into svm_mgt - with your domain creds   userid / password   that will get funnelled over to the domain tunnel svm and you will get in.  But you need to have your security login setup as well with SSH for your admin groups ... View more

On our clusters, we setup dedicated domain tunnel vservers.    The CLI functions of the domain need to pass thru this vserver.  The reason why we chose to dedicate a vserver was for our svm-dr and all that, we didn't want to remember to move the domain tunnel.   That's part one, and then on security login you need to create your group which you want SSH access too.     You cannot do priv/pub key ... View more

Man I miss my 7-mode days.. Time to switch over to cDOT   Anyways, make sure you check qtree security style, if you need straight unix, make sure it's unix ... View more

Good catch, I can confirm i'm seeing the same thing in 9.3RC1 as well.  I assume when I upgrade our lab to GA, it will be the same thing.   My error is this. invoke-ncssh : An established connection was aborted by the software in your host machine.   We are probably just missing a new security setting in 9.3 that needs to be tweaked.. ... View more

No ... View more

The only advice I would give you is to get off that old system as fast as you can.  But check your diskqual package..  ... View more

https://library.netapp.com/ecmdocs/ECMP1196986/html/GUID-B7839E9C-E4BD-4E04-8DA0-F1E104CC20F3.html   Yes, I'm not sure if you should start crying or quit ... View more

You're statement is not correct   You can create a policy to discard network settings.   We use 3DNS to do what you are asking....   But I would make sure in the event of a failover you swing the DNS name to the DR side..  ... View more

I don't know what $share is, but I assume it's get-nccifssshare   It's there   Try this    get-nccifsshare $share | Select -ExpandProperty shareproperties ... View more

Depending on what version of ontap you are on, you can flag the volumes are either protected or unprotected.   Your second part of the question is confusing   You either want to setup an SVM-DR as identity-preserve true/false.   Take a look at the protection document, it will lay it our pretty good ... View more

Nice job. I tested it and it works on older systems as well.   One suggestion, in your WFA function you use param feature.  I would suggest you carry this over to your standard function as well, just for ease of use and consistency. ... View more

Based upon what I see, you will need to not use dynamic home drives.     Unless I have completely missed it.     ... View more

You can only have one unique home directory per svm.   You would have to hardcode a second one   Why do you need two HD's. ... View more

A client's home drive should be entirely irrevelant to anyone, even the user.   When you switch to cifs home-directory search paths, that's a 'dynamic' share, so it's only created when a user logs in and no one other than the user can access it.   Can you even create a share and then add %w, I don't know, but I think you are loking at this the wrong way.     ... View more

I agree with the thread owners that this is a big issue on those folks that are using 7-mode still.  We are working to get off 7-mode, but still have it in play and without a working way to execute invoke-nassh is a bit of a killer.   Has anyone filed a bug with Netapp yet, if not I will have to work with my SAM and TSE to open a bug on this.   We need this fixed, we know that 8.2.5 7-mode is the last copy of 7-mode to be released and it was primary a security releases as well as the option to turn off SMB 1.         ... View more

If you have relationships in play and you want to convert them to an SVM-DR relationship, that's pretty easy ... View more

If we were in a true DR we would establish LR mirrors on the root.     So you are still stuck with flexclones, you absolutely would have to present to a new svm.     Again, not a true DR.    Tell MGMT  DR test would be if you actually failed over full workload with full DR network.  How else do you know if stuff really works...     ... View more

SVM-DR is super simple.  We use it with identity preserve discard network.  It's a derivivative on 7-mode's vfiler dr.     If you are talking about LS mirrors on the root, don't worry about it.   Just follow the guide for svm-dr and you will be set   Forget that flexclone workflow as well. We do full failovers and failbacks. That's the only way to truly test DR ... View more

I think those are extended objects within cmdlet output   What cmdlet are you using to see those.  I went looking at get-ncvol and get-ncvserver and didn't see it   ... View more

Did you redo your secureadmin ssl setup and chose a higher bit as was suggested?  Did that still break?   ... View more

Im of the opinion to bypass the optimizers.  The netapp devices have all the efficiency builtin / dedupe compression that gets replicated.     ... View more