Quantcast
Channel: All ONTAP Discussions posts
Viewing all 19173 articles
Browse latest View live

Re: Name mapping for vol security style mixed

June 1, 2018, 8:08 pm
$
0
0

Hi

 

As emphasized in some places including NetApp TR's. Mixed style should not be used in general - it's functionality that exists because NetApp could provide it and some customers wanted it. but it's poorly serve the purpose that most users would consider a "mix". in short - mixed means that on whatever protocol the individual file taken ownership with (creates as well). it would be the type of ACL for that file (NTFS for CIFS, UNIX for NFS).

 

This can create lot's of confusion. and not really giving any value.

what you should do instead is to set the volume/qtree to the file system it mainly going to be manged from. if it also need access from other platform you can consider using a client side implementation to connect to the non-native platform (such SAMBA for linux of NFS client for windows). if that's not possible, consider separating the dataset to separate volumes/qtrees and not allowing shared access (as it also have disadvantages) . or use the default/anonymous mapping. / create a one way map between one platform to another. (similar to how you did, however keep in ,ind it meant to use with external nameservices )

 

i can;t really tell if your command actually worked or not. but as you can see from the description above. you can always create a file with any type of ACL in mixed mode. but. the share used to access it and the folder you placing the file within. must have write access allowed on it (on whatever ACL style it has). i guess that if you give the folder 777 or everyone-modify in windows..you would be able to write to it from everywhere with or without the mapping.working.  but again - please don't use mixed-mode.

 

Gidi

Search

Re: There are not enough spare disks.... Need pointing in the right direction

June 1, 2018, 11:36 pm
$
0
0
1. It is possible to have “cold spare”, at the end it depends on how valuable Data is and how quick you can notice problem and replace failed disk. Your raid group will be unprotected (less protected) until rebuild competed; any error during this time means potential data loss.

2. The problem is not disk size (large disk can be used to spare smaller one) but disk type. By default FC-AL and ATA disks cannot be mixed in one aggregate.

3. Your unused shelf is AT which means it cannot be used as spare for small FC-AL disks.

I think there was an option to allow it; you need to check documentation. Think twice before doing it though if there is any serious load on these disks.

How to prevent directory from accidental deletion

June 2, 2018, 12:23 am
$
0
0

We are using FAS 2552

 

We want to prevent directory from accidental deletion. Please let us know how we can achive this on CentOS like chattr +a.

Re: What is 7-mode cluster architecture

June 3, 2018, 7:23 am
$
0
0
Hi

Clustered mode started on a separate product that they acquired from spinnaker networks (started as ontap 10/gx). On ontap 8 they have implemented this 10/gx on top of their existing product (ontap 7) as a nblade (node blade). When customers wanted to activate this latest greatest functionality they needed to switch mode in the loader to the clustered one. If they wanted to stay on their well known stable mode as in the previous version (7) on their latest greatest ontap 8, the mode in the loader had to be kept as “7-mode”.

Gidi

configuration backup with tftp results in 0 size files

June 4, 2018, 4:59 am
$
0
0

I'm working on uploading configuration backups to an external server. In my case, I'm trying to use simply TFTP.

 

I have a number of Cisco devices in this setup, they are able to successfully upload their configuration backup files to a TFTP server I have installed on my Windows laptop, called OpenTFPTServerMT.

This should indicate the server is working and no firewalls are blocking.

All devices are on the same subnet.

 

configuration backup upload -node cluster01-01 -backup cluster01.8hour.2018-06-04.10_15_02.7z -destination tftp://xxx.xx.xxx.xxx/

(system configuration backup upload)
Uploading the configuration backup file.
tftp upload in progress...........tftp upload in progress...........
Configuration backup file uploaded successfully.


cluster01::system configuration backup*>

 

The file cluster01.8hour.2018-06-04.10_15_02.7z appears on my TFTP server's incoming files area, but the size is 0 kB.

 

In the TFTP server log, I get repeated messages of timeout. I've increased the timeout to the max value, but the result is the same.

 

Ideally, I'd like to use SFTP, but Netapp doesn't appear to have that option.

 

 

FAS8200, Ontap 9.3P2

Re: configuration backup with tftp results in 0 size files

June 4, 2018, 5:27 am
$
0
0

Can you do a a packettrace on your laptop and show how the upload start and finishes ?

CLI or Powershell command to find controller shelf PSU and Fan details

June 4, 2018, 9:29 am
$
0
0

Been searching for a while, but I've not been able to find the commands to use to give a report of the controller shelf serial and part numbers for the power supplies and fan modules.

I can use Get-NcStorageShelf to give me all details for the disk shelves, but not the actual controller shelf.

 

I can get node serials, CPU serials and some other info from Get-NcNode and Get-NcNodeInfo, but if someone could point me in the right direction for the fans and PSUs I'd appreciate it.

 

FAS8200, 9.3P4.

Re: Migrating snapvault source.

June 4, 2018, 2:18 pm
$
0
0

Hi

 

i had a free evening so i tried to do something similar to this KB but using XDP with MirrorAllSnapshots instead of DP as the KB suggest.

and i have a good news IT WORKED Robot LOL . is it supported? does it have limitation? would it break on version difference?  i have no idea - and suggest you to try it on your system before moving the workload and perhaps have NetApp verifying it as supported.

 

i will send a link to this post as comment to the KB. and as DP going to be deprecated in the next release. this seems to be a good replacement.

 

 

Attaching the output. i did it all on a single 9.1P6 cluster and a single SVM with two nodes (node1 as the source for the old and new SV's and Node2 as the Destination for the old and new SV's).

All the objects are technically independent..  so yes - in your environment each volume would be on dedicated cluster. and i assume different versions (i only have one cluster to test on)

 

in short: (you can also find these comments in the attachment):

#Creating the "existing scenario", SRC and DST volumes, a file in the SRC volume and few snapshots that are snapvaulted across

#Creating the Volumes on the "new" SV's SRC and DST clusters, And mirror in each "site" from it's old to new cluster using MirrorAllSnapshots and XDP(not DP as in the KB)
#Once users ready to move to the new clusters - release/break all 3 relationships to make the new source writable (you can start only with that one if you wish)

#Take the old clusters volumes offline to make sure no one writes to them
#Create and resync the actual SV relationship (yes, without running baseline on the WAN)

#Verify that all the snaps exists and the test file is intact 

 

Good luck

Gidi

Search

Creating SVM from snaplock root aggregate

June 4, 2018, 3:18 pm
$
0
0

Hi,

 

Im Trying to create SVM from snaplock aggregate but i couldnt do it because root aggregate box is empty, can anyone help me? .ThanksSmiley Happy

Re: secd.conn.auth.failure:

June 4, 2018, 4:56 pm
$
0
0

FYI we are on 9.1P13 and we still see these alerts come through, even though lif connections are successful and we are not experiencing any problems with cifs.

Re: How to prevent directory from accidental deletion

June 4, 2018, 7:17 pm
$
0
0

Hi there,

 

The answer to this question depends on what storage protocol you are using. If you have an iSCSI LUN presented, then it would be exactly the same as a local disk. If you're using NFSv3 and you want to prevent local root from deleting a directory on the NetApp NFS server, using krb5+NFSv4 is probably a better choice, otherwise if you just want to prevent users from deleting directories, standard unix ACLs would work too.

 

Hope this helps!

Re: CLI or Powershell command to find controller shelf PSU and Fan details

June 4, 2018, 7:21 pm
$
0
0

Hi there!

 

"system node run -node * -command sysconfig -M" from the CLI would display this information. I don't know about Powershell for this though.

 

Hope this helps!

Re: CLI or Powershell command to find controller shelf PSU and Fan details

June 4, 2018, 8:29 pm
$
0
0

run -node \* -command environment status shelf will give you. You can use Invoke-Ncssh to get the output and extract the in formation 

Clone cluster

June 4, 2018, 11:17 pm
$
0
0

Hi

 

Is there anybody out there who had tried to clone a single cluster (HA-Pair) from a "configuration backup file"?

Did it work?

 

It would be great if it worked since I'm about to install several systems that are identical and standalone, so "cloning" by taking the configurations file from one (working) system and install the other systems would be a nice solution :-)

 

//Bjorn

Re: Snapshot stops working

June 5, 2018, 3:32 am
$
0
0

Hi Gidi,

I will check this tonight and tell you about it.

 

Thanks.

Search

Re: Host Utilities Kit 7.0 needed with MPIO DSM 4.1p1?

June 5, 2018, 5:57 am
$
0
0

Resurrecting an old thread, but having just had trouble installing HU7.1 on Server 2012, the required hotfixes won't install (not applicable) as they've long been superseded by the monthly quality rollups.

 

The Host utilities install guide https://library.netapp.com/ecm/ecm_download_file/ECMLP2789202 Page 25 says:

 

 

Note: Windows Unified Host Utilities is currently required for all supported configurations of
Windows hosts that use NetApp LUNs except if the host is running Data ONTAP DSM 3.5 for
Windows MPIO or later

 

So your instructor was correct.

 

Re: How many vol move operations can be active at same time

June 5, 2018, 9:15 am
$
0
0

It would be really interesting to know what the performance impact for a volume move is.

 

I have started a volume move on a FAS2552 from Aggr1 to Aggr2 with each about 100TB space. The volume I'm moving is 20TB big.

 

On another volume on aggr2 there is a share. That share has a folder with 500 small files. There's a process with these files replacing the files then unpacking, modifying, packing it back... this process usually takes 15-20 minutes... and runs every hour... now since I started the vol move it's taking 1h 20 minutes... so it's four times the time it has consumed before the vol move. I can see with statistics show-periodic that the CPU (95% and higher) is pretty high on the controller node that owns the disks of Aggr2. Now I'm not saying that it's ONLY the vol move but clearly the move process has an impact on the performance - can anyone point me to any literature that is discussing this?

 

Thank you!

axsys

Re: How to convert TDP to XDP SnapMirror?

June 6, 2018, 12:43 am
$
0
0

Sorry to resurrect this but had the same problem, got some help from our partner support.

 

Issue seemed to be for me (ONTAP 9.3GA) that the snapmirror relationship defaulted to XDP even when trying to set DP explicitly, see:

 

https://kb.netapp.com/app/answers/answer_view/a_id/1071159

 

The command mentioned in the KB didn't work but this did:

 

options -vserver <cluster mgt SVM> -option-name replication.create_data_protection_rels.enable -option-value on

 

Once I'd set that on just the target C-mode cluster it all worked and the SM relationship was set to DP rather than XDP so could carry on with the block based snapmirror. Once you've got enough C-mode snapshots and removed the old 7-mode ones you could convert to XDP

 

cheers

 

Z

Re: UPN (user principal name) login does not work after migration to Clustered Ontap 8.2.2

June 6, 2018, 8:09 am
$
0
0

similar issue here

 

we have a different UPN than domain name. If users try to authenticate with user@fancyDomainName.com it fails. Authentication with domain\username works fine. On Oncommand, i get the following Error:

secd.cifsAuth.problem: vserver (fsxxx15) General CIFS authentication problem. Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.207.5.75 [ 14] User 'fancydomainName.com\user' authenticated using NTLMv2 security **[ 14] FAILURE: Unsupported Windows domain name 'fancydomainName' [ 14] CIFS authentication failed [ 15] Using a cached connection to dcxxx [ 21] Unable to find the NetBIOS domain name for Active Directory 'fancyDomainName' [ 21] Unsupported Windows domain name 'fancyDomainName"

 

Any Idea, how I can tell my Netapp, that domainname is domain and fancyDomainName is just a UPN? "fancyDomainName" shoud get translated to "Domain"

 

Thanks

Sebe

Re: Service Processor Card Security - TLS

June 7, 2018, 6:30 am
$
0
0

I am curious if this feature has been implemented. We just upgraded to ver 9.3P4 and we are getting dinged by our security department because the SPs are not TLS 1.2

Viewing all 19173 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>