Creating a CIFS share on a Netapp Clustered Mode storage system with PowerShell

In a Windows environment, CIFS shares are a common occurrence and a necessity for many services such as Active Directory and print services. Setting up a share on a Windows server is a fairly simple task. We create a folder, enable sharing, set permissions. Netapp has been a leader in storage technology and also has the capability to serve CIFS shares. My experience with Netapp has been extremely positive as their storage systems are very solid and rarely have outages. Today I will show how we can create a share on a Netapp Clustered Mode system with Netapp’s PowerShell module.

Prerequisites:

For this example I am connecting to a management interface on a Netapp storage SVM (Storage virtual machine) with the name FAS-SVM. This share named ‘finance’ will be used for an Active Directory group named ‘DOMAINFinanceGroup to share their files’.
1. First we login to the system with the Connect-NCController command. This will create a persistent session with FAS-SVM so that going forward any commands that run will be against this system.
C:> Connect-NcController -Name fas-svm | ft -AutoSize
 
Name                 Address      Vserver  Version
----                 -------      -------  -------
fas-svm1             172.16.80.10 fas-svm1 NetApp Release 9.1
2. Next, we will create a directory on ‘vol1’ for our CIFS share named ‘finance’. I set the permissions to 777 so that everyone has access to the directory.
C:> New-NcDirectory -Path /vol/vol1/finance -Permission 777 | ft -AutoSize


Name    Type      Size   Created  Modified Owner Group Perm Empty
----    ----      ----   -------  -------- ----- ----- ---- -----
finance directory 4 KB 3/24/2017 3/24/2017     0     0  777 True
3. Time to create the CIFS share on the ‘finance’ folder. We will use the command Add-NcCIFSShare for this. Note that there are several parameters we can use. One important parameter is -ShareProperties. From the module help we can see our options:
-ShareProperties <String[]>
    The list of properties for this CIFS share. Possible values:
    "oplocks"        - This specifies that opportunistic locks (client-side caching) are enabled on this share.
    "browsable"      - This specifies that the share can be browsed by Windows clients.
    "showsnapshot"   - This specifies that Snapshots can be viewed and traversed by clients.
    "changenotify"   - This specifies that CIFS clients can request for change notifications for directories on this share.
    "homedirectory"  - This specifies that the share is added and enabled as part of the CIFS home directory feature. The configuration of this share should be done using CIFS home directory
    feature interface.
    "attributecache" - This specifies that connections through this share are caching attributes for a short time to improve performance.
For this example lets make the CIFS share browsable and showsnapshots.
C:> Add-NcCifsShare  -Name finance -Path '/vol1/finance' -ShareProperties @("browsable","showsnapshot") -Comment 'Finance share' | ft -AutoSize


CifsServer ShareName    Path              Comment
---------- ---------    ----              -------
FAS-SVM   finance      /vol1/finance     Finance share
4. Now that our ‘finance’ share is created, we will set our CIFS permissions. We will use the Add-NcCifsShareACL command to give the AD security group ‘DOMAINFinanceGroup’ full control. We specify the parameter as ‘windows’ for -UserOrGroup.
C:> Add-NcCifsShareAcl -Share finance -UserOrGroup 'DOMAINFinanceGroup' -Permission full_control -UserGroupType windows | ft -AutoSize


Share        UserOrGroup         Permission
-----        -----------         ----------
finance      DOMAINFinanceGroup full_control
Done! Pretty simple eh? You can see how we could easily put these steps into a function for repeatable use in PowerShell.
To summarize the steps this is what we did:
  • Connected to our Netapp system
  • Created a directory on a volume
  • Created a CIFS share on that directory
  • Added CIFS permissions using an Active Directory security group

Comments are closed.