Module netapp_ontap.resources.cifs_share
Copyright © 2019 NetApp Inc. All rights reserved.
Overview
Before any users or applications can access data on the CIFS server over SMB, a CIFS share must be created with sufficient share permissions. CIFS share is a named access point in a volume which is tied to the CIFS server on the SVM. Before creating a CIFS share make sure that the path is valid within the scope of the SVM and that it is reachable. Permissions can be assigned to this newly created share by specifying the 'acls' field. When a CIFS share is created, ONTAP creates a default ACL for this share with 'Full-Control' permissions for an 'Everyone' user.
Examples
Creating a CIFS share
To create a CIFS share for a CIFS server, use the following API. Note the return_records=true query parameter used to obtain the newly created entry in the response.
# The API:
POST /api/protocols/cifs/shares
# The call:
curl -X POST "https://<mgmt-ip>/api/protocols/cifs/shares?return_records=true" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"access_based_enumeration\": false, \"acls\": [ { \"permission\": \"no_access\", \"type\": \"unix_user\", \"user_or_group\": \"root\" } ], \"change_notify\": true, \"comment\": \"HR Department Share\", \"encryption\": false, \"home_directory\": false, \"name\": \"TEST\", \"oplocks\": true, \"path\": \"/\", \"svm\": { \"name\": \"vs1\", \"uuid\": \"000c5cd2-ebdf-11e8-a96e-0050568ea3cb\" }, \"unix_symlink\": \"local\"}"
# The response:
{
"num_records": 1,
"records": [
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1"
},
"name": "TEST",
"path": "/",
"comment": "HR Department Share",
"home_directory": false,
"oplocks": true,
"access_based_enumeration": false,
"change_notify": true,
"encryption": false,
"unix_symlink": "local",
"acls": [
{
"user_or_group": "root",
"type": "unix_user",
"permission": "no_access",
"winsid_unixId": "0"
}
]
}
]
}
Retrieving CIFS Shares for all SVMs in the cluster
# The API:
GET /api/protocols/cifs/shares
# The call:
curl -X GET "https://<mgmt-ip>/api/protocols/cifs/shares?fields=*&return_records=true&return_timeout=15" -H "accept application/hal+json"
# The response:
{
"records": [
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1",
"_links": {
"self": {
"href": "/api/svm/svms/000c5cd2-ebdf-11e8-a96e-0050568ea3cb"
}
}
},
"name": "admin$",
"path": "/",
"home_directory": false,
"oplocks": false,
"access_based_enumeration": false,
"change_notify": false,
"encryption": false,
"volume": {
"name": "vol1",
"uuid": "4e06f1bc-1ddc-42e2-abb2-f221c6a2ab2a"
},
"_links": {
"self": {
"href": "/api/protocols/cifs/shares/000c5cd2-ebdf-11e8-a96e-0050568ea3cb/admin%24"
}
}
},
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1",
"_links": {
"self": {
"href": "/api/svm/svms/000c5cd2-ebdf-11e8-a96e-0050568ea3cb"
}
}
},
"name": "c$",
"path": "/",
"home_directory": false,
"oplocks": true,
"access_based_enumeration": false,
"change_notify": true,
"encryption": false,
"unix_symlink": "local",
"acls": [
{
"user_or_group": "BUILTIN\\Administrators",
"type": "windows",
"permission": "full_control"
}
],
"volume": {
"name": "vol1",
"uuid": "4e06f1bc-1ddc-42e2-abb2-f221c6a2ab2a"
},
"_links": {
"self": {
"href": "/api/protocols/cifs/shares/000c5cd2-ebdf-11e8-a96e-0050568ea3cb/c%24"
}
}
},
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1",
"_links": {
"self": {
"href": "/api/svm/svms/000c5cd2-ebdf-11e8-a96e-0050568ea3cb"
}
}
},
"name": "ipc$",
"path": "/",
"home_directory": false,
"oplocks": false,
"access_based_enumeration": false,
"change_notify": false,
"encryption": false,
"volume": {
"name": "vol1",
"uuid": "4e06f1bc-1ddc-42e2-abb2-f221c6a2ab2a"
},
"_links": {
"self": {
"href": "/api/protocols/cifs/shares/000c5cd2-ebdf-11e8-a96e-0050568ea3cb/ipc%24"
}
}
},
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1",
"_links": {
"self": {
"href": "/api/svm/svms/000c5cd2-ebdf-11e8-a96e-0050568ea3cb"
}
}
},
"name": "TEST",
"path": "/",
"comment": "HR Department Share",
"home_directory": false,
"oplocks": true,
"access_based_enumeration": false,
"change_notify": true,
"encryption": false,
"unix_symlink": "local",
"acls": [
{
"user_or_group": "Everyone",
"type": "windows",
"permission": "full_control"
},
{
"user_or_group": "root",
"type": "unix_user",
"permission": "no_access"
}
],
"volume": {
"name": "vol1",
"uuid": "4e06f1bc-1ddc-42e2-abb2-f221c6a2ab2a"
},
"_links": {
"self": {
"href": "/api/protocols/cifs/shares/000c5cd2-ebdf-11e8-a96e-0050568ea3cb/TEST"
}
}
}
],
"num_records": 4,
"_links": {
"self": {
"href": "/api/protocols/cifs/shares?fields=*&return_records=true&return_timeout=15"
}
}
}
Retrieving all CIFS Shares for all SVMs in the cluster for which the acls are configured for a "root" user
# The API:
GET /api/protocols/cifs/shares
# The call:
curl -X GET "https://<mgmt-ip>/api/protocols/cifs/shares?acls.user_or_group=root&fields=*&return_records=true&return_timeout=15" -H "accept: application/json"
# The response:
{
"records": [
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1"
},
"name": "TEST",
"path": "/",
"comment": "HR Department Share",
"home_directory": false,
"oplocks": true,
"access_based_enumeration": false,
"change_notify": true,
"encryption": false,
"unix_symlink": "local",
"acls": [
{
"user_or_group": "Everyone",
"type": "windows",
"permission": "full_control"
},
{
"user_or_group": "root",
"type": "unix_user",
"permission": "no_access"
}
],
"volume": {
"name": "vol1",
"uuid": "4e06f1bc-1ddc-42e2-abb2-f221c6a2ab2a"
}
}
],
"num_records": 1
}
Retrieving a specific CIFS share configuration for an SVM
The configuration being returned is identified by the UUID of its SVM and the name of the share.
# The API:
GET /api/protocols/cifs/shares/{svm.uuid}/{name}
# The call:
curl -X GET "https://<mgmt-ip>/api/protocols/cifs/shares/000c5cd2-ebdf-11e8-a96e-0050568ea3cb/TEST" -H "accept: application/json"
# The response:
{
"svm": {
"uuid": "000c5cd2-ebdf-11e8-a96e-0050568ea3cb",
"name": "vs1"
},
"name": "TEST",
"path": "/",
"comment": "HR Department Share",
"home_directory": false,
"oplocks": true,
"access_based_enumeration": false,
"change_notify": true,
"encryption": false,
"unix_symlink": "local",
"acls": [
{
"user_or_group": "Everyone",
"type": "windows",
"permission": "full_control"
},
{
"user_or_group": "root",
"type": "unix_user",
"permission": "no_access"
}
],
"volume": {
"name": "vol1",
"uuid": "4e06f1bc-1ddc-42e2-abb2-f221c6a2ab2a"
}
}
Updating a specific CIFS share for an SVM
The CIFS share being modified is identified by the UUID of its SVM and the CIFS share name. The CIFS share ACLs cannot be modified with this API.
# The API:
PATCH /api/protocols/cifs/shares/{svm.uuid}/{name}
# The call:
curl -X PATCH "https://<mgmt-ip>/api/protocols/cifs/shares/000c5cd2-ebdf-11e8-a96e-0050568ea3cb/TEST" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"access_based_enumeration\": true, \"change_notify\": true, \"comment\": \"HR Department Share\", \"encryption\": false, \"oplocks\": true, \"path\": \"/\", \"unix_symlink\": \"widelink\"}"
```
### Removing a specific CIFS share for an SVM
The CIFS share being removed is identified by the UUID of its SVM and the CIFS share name.
The API:
DELETE /api/protocols/cifs/shares/{svm.uuid}/{name}
The call:
curl -X DELETE "https://
Classes
-
CIFS share is a named access point in a volume. Before users and applications can access data on the CIFS server over SMB, a CIFS share must be created with sufficient share permission. CIFS shares are tied to the CIFS server on the SVM. When a CIFS share is created, ONTAP creates a default ACL for the share with Full Control permissions for Everyone.
Initialize the instance of the resource.
Any keyword arguments are set on the instance as properties. For example, if the class was named 'MyResource', then this statement would be true:
MyResource(name='foo').name == 'foo'
Args
*args
- Each positional argument represents a parent key as used in the URL of the object. That is, each value will be used to fill in a segment of the URL which refers to some parent object. The order of these arguments must match the order they are specified in the URL, from left to right.
**kwargs
- each entry will have its key set as an attribute name on the instance and its value will be the value of that attribute.
Ancestors
Static methods
-
Deletes a CIFS share.
Related ONTAP commands
vserver cifs share delete
Learn more
Delete all objects in a collection which match the given query.
All records on the host which match the query will be deleted.
Args
*args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to delete the collection of bars for a particular foo, the foo.name value should be passed.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be patched.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 -
Retrieves CIFS shares.
Related ONTAP commands
vserver cifs share show
vserver cifs share properties show
Learn more
Find an instance of an object on the host given a query.
The host will be queried with the provided key/value pairs to find a matching resource. If 0 are found or if more than 1 is found, an error will be raised or returned. If there is exactly 1 matching record, then it will be returned.
Args
*args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to find a bar for a particular foo, the foo.name value should be passed.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
Resource
object containing the details of the object.Raises
NetAppRestError
: If the API call did not return exactly 1 matching resource. -
Retrieves CIFS shares.
Related ONTAP commands
vserver cifs share show
vserver cifs share properties show
Learn more
Fetch a list of all objects of this type from the host.
Args
*args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to get the collection of bars for a particular foo, the foo.name value should be passed.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. max_records
- The maximum number of records to return per call
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A list of
Resource
objectsRaises
NetAppRestError
: If there is no connection available to use either passed in or on the library. -
Updates a CIFS share.
Related ONTAP commands
vserver cifs share modify
vserver cifs share properties add
vserver cifs share properties remove
Learn more
Patch all objects in a collection which match the given query.
All records on the host which match the query will be patched with the provided body.
Args
body
- A dictionary of name/value pairs to set on all matching members of the collection.
*args
- Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to patch the collection of bars for a particular foo, the foo.name value should be passed.
connection
- The
HostConnection
object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context. **kwargs
- Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be patched.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400
Methods
-
Deletes a CIFS share.
Related ONTAP commands
vserver cifs share delete
Learn more
Send a deletion request to the host for this object.
Args
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 -
Retrieves a CIFS share.
Related ONTAP commands
vserver cifs share show
vserver cifs share properties show
Learn more
Fetch the details of the object from the host.
Requires the keys to be set (if any). After returning, new or changed properties from the host will be set on the instance.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 -
Updates a CIFS share.
Related ONTAP commands
vserver cifs share modify
vserver cifs share properties add
vserver cifs share properties remove
Learn more
Send the difference in the object's state to the host as a modification request.
Calculates the difference in the object's state since the last time we interacted with the host and sends this in the request body.
Args
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400 -
Creates a CIFS share.
Required properties
svm.uuid
orsvm.name
- Existing SVM in which to create the CIFS share.name
- Name of the CIFS share.path
- Path in the owning SVM namespace that is shared through this share.
Recommended optional properties
comment
- Optionally choose to add a text comment of up to 256 characters about the CIFS share.acls
- Optionally choose to add share permissions that users and groups have on the CIFS share.
Default property values
If not specified in POST, the following default property values are assigned: *
home_directory
- false *oplocks
- true *access_based_enumeration
- false *change_notify
- true *encryption
- false *unix_symlink
- localRelated ONTAP commands
vserver cifs share create
vserver cifs share properties add
vserver cifs share access-control create
Learn more
Send this object to the host as a creation request.
Args
hydrate
- If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
- If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
- If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
- If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
- Any key/value pairs passed will be sent as query parameters to the host.
Returns
A
NetAppResponse
object containing the details of the HTTP response.Raises
NetAppRestError
: If the API call returned a status code >= 400
Inherited members
-
The fields of the CifsShare object
Ancestors
- netapp_ontap.resource.ResourceSchema
- marshmallow.schema.Schema
- marshmallow.schema.BaseSchema
- marshmallow.base.SchemaABC
Class variables
-
If enabled, all folders inside this share are visible to a user based on that individual user access right; prevents the display of folders or other shared resources that the user does not have access to.
-
The acls field of the cifs_share.
-
Specifies whether CIFS clients can request for change notifications for directories on this share.
-
Specify the CIFS share descriptions.
Example: HR Department Share
-
Specifies that SMB encryption must be used when accessing this share. Clients that do not support encryption are not able to access this share.
-
Specifies whether or not the share is a home directory share, where the share and path names are dynamic. ONTAP home directory functionality automatically offer each user a dynamic share to their home directory without creating an individual SMB share for each user. The ONTAP CIFS home directory feature enable us to configure a share that maps to different directories based on the user that connects to it. Instead of creating a separate shares for each user, a single share with a home directory parameters can be created. In a home directory share, ONTAP dynamically generates the share-name and share-path by substituting %w, %u, and %d variables with the corresponding Windows user name, UNIX user name, and domain name, respectively.
-
The links field of the cifs_share.
-
Specifies the name of the CIFS share that you want to create. If this is a home directory share then the share name includes the pattern as %w (Windows user name), %u (UNIX user name) and %d (Windows domain name) variables in any combination with this parameter to generate shares dynamically.
Example: HR_SHARE
-
Specify whether opportunistic locks are enabled on this share. "Oplocks" allow clients to lock files and cache content locally, which can increase performance for file operations.
-
The fully-qualified pathname in the owning SVM namespace that is shared through this share. If this is a home directory share then the path should be dynamic by specifying the pattern %w (Windows user name), %u (UNIX user name), or %d (domain name) variables in any combination. ONTAP generates the path dynamically for the connected user and this path is appended to each search path to find the full Home Directory path.
Example: /volume_1/eng_vol/
-
The svm field of the cifs_share.
-
Controls the access of UNIX symbolic links to CIFS clients. The supported values are:
* local - Enables only local symbolic links which is within the same CIFS share. * widelink - Enables both local symlinks and widelinks. * disable - Disables local symlinks and widelinks.
Valid choices:
- local
- widelink
- disable
-
The volume field of the cifs_share.