- Notes, cautions, and warnings
- Additional Resources
- Introduction
- Service Commands
- Shut down and reboot an appliance (svc_appliance)
- Provision an appliance (svc_appliance_provisioning)
- Capture array configuration data (svc_arrayconfig)
- Make space on the root partition (svc_cleanup)
- Clear the DIMM state value on a specific node (svc_clear_dimm_ce_state)
- Clear firmware update (svc_clear_fw_update_alert)
- Shut down a SAN cluster (svc_cluster)
- Diagnose a create cluster failure (svc_cluster_diag)
- Cluster management (svc_cluster_management)
- Enable or disable counter collection (svc_cnt)
- Enable counter collection (svc_cnt enable)
- Disable counter collection (svc_cnt disable)
- See the collection status (svc_cnt status)
- Restart the collection service (svc_cnt restart)
- Enable the 1-second collection profile (svc_cnt performance)
- Disable the 1-second collection profile (svc_cnt performance_disable)
- Configure new SLICs (svc_commit_slic)
- Show the security compliance state (svc_compliance_mode)
- Check status of or restart container (svc_container_mgmt)
- Support materials (svc_dc)
- Generate a support materials bundle (svc_dc run)
- Delete a support materials bundle (svc_dc delete)
- List support materials (svc_dc list)
- List all support material profiles (svc_dc list_profiles)
- List all system dump files (svc_dc list_dumps)
- Download an existing support materials bundle (svc_dc download)
- Upload a support materials bundle (svc_dc upload)
- Enable or disable DDSD (svc_dd)
- System diagnostics (svc_diag)
- Check upgrade conversion status (svc_dip_upgrade_check)
- Check datapath stats (svc_dp_oos_check)
- Collect flash and NVMe statistics (svc_drive_stats)
- Reset or restart (svc_enclosure)
- Factory reset (svc_factory_reset)
- Get a report on unreducible data (svc_get_unreducible_dp_stats)
- Get report on unreducible data (svc_get_unreducible_stats)
- Perform a health check on the appliance (svc_health_check)
- Help (svc_help)
- Hypervisor diagnostics (svc_hypervisor)
- Set limits for import service (svc_import_config)
- Inject troubleshooting software tool (svc_inject)
- Install service tools (svc_inject run)
- Delete an injected service tool (svc_inject delete)
- Display information about a specific package (svc_inject info)
- Generate a root or recovery package key (svc_inject generate-key)
- Deactivate service escalation (svc_inject deactivate)
- View service escalation status (svc_inject status)
- Review system journal logs (svc_journalctl)
- Check the license status of appliances in a cluster (svc_license_status)
- Install the PowerStore system (svc_manufacturing)
- See and update MFS settings for SecurID (svc_mfa_state)
- Retrieve information system information (svc_mgmt_operations)
- Migrate a cluster or DVS to another vCenter (svc_migrate_to_vcenter)
- Enable or disable autodownload (svc_modify_autodownload)
- Run service scripts using SSH tunneling (svc_nas)
- Download the ACL database of a file system (svc_nas nas_svc_acldb_dump)
- Manage Dynamic Access Control (svc_nas nas_svc_dac)
- Generate NAS output files (svc_nas nas_svc_data_protection)
- Generate an SDNAS archive file (svc_nas nas_svc_dc)
- Manage NAS servers (svc_nas nas_svc_nas)
- Manage an IMT import (svc_nas nas_svc_imt)
- Display the SDNAS log (svc_nas nas_svc_log)
- Show statistics for NDMP and PAX backup sessions (svc_nas nas_svc_paxstats)
- Run a Linux tcpdump (svc_nas nas_svc_tcpdump)
- Back up NAS server configuration (svc_nas_cbr)
- See CIFS issues (svc_nas_cifssupport)
- Advanced NAS settings (svc_nas_tools and svc_nas_global_tools)
- Enter maintenance mode (svc_nas_maintenance_mode)
- Display inode usage (svc_nas_storagecheck)
- Get NAS server information and manage settings (svc_nas_tools)
- Retrieve NAS server net devices and IP addresses (svc_nasserver_to_netdevice)
- See network information (svc_networkcheck)
- Show ARP records cache settings (svc_networkcheck arp)
- Perform network and system checks (svc_networkcheck info)
- Check server port availability (svc_networkcheck tracert)
- Check the TCP port (svc_networkcheck tcp)
- Show network device driver and hardware information (svc_networkcheck ethtool)
- Ping an IPv4 target (svc_networkcheck ping)
- Ping an IPv6 target (svc_networkcheck ping6)
- Show network connections (svc_networkcheck netstat)
- Perform a DNS check (svc_networkcheck dns)
- See system bond devices (svc_networkcheck bond_list)
- Show interface names (svc_networkcheck interfaces)
- Reboot, shut down, and turn on a node (svc_node)
- Control node affinity (svc_node_affinity_balance)
- Check and fix the NTP status (svc_ntp_ctl)
- Customize validation service parameters (svc_onv_customizing)
- Disable password reset (svc_password_mgmt)
- Send REST requests through the service container (svc_pstcli)
- Troubleshoot and repair (svc_remote_support)
- List the remote configuration (svc_remote_support list)
- Modify the remote support configuration (svc_remote_support_modify)
- Modify contact information (svc_remote_support modify_contact)
- Reinitialize the remote support configuration (svc_remote_support reinitialize)
- Restart SupportAssist (svc_remote_support restart)
- Check the connectivity status (svc_remote_support connectivity)
- Manage the remote syslog (svc_remote_syslog)
- Refresh the expired Unity SSL certificate (svc_remote_system_certificate_operations)
- Remove appliance (svc_remove_appliance)
- Repair software (svc_repair)
- Replace the DPE (svc_replace_dpe)
- Service mode operation (svc_rescue_state)
- Grant service user access (svc_service_config)
- Gain root privileges (svc_service_shell)
- Software recovery (svc_software_recovery)
- Connect to the peer node service container (svc_ssh_peer)
- Collect system information (svc_system_info)
- Monitor network traffic (svc_tcpdump)
- View capacity metrics (svc_volume_space_metrics)
- Complete the recovery process (svc_wear_trickle_write)
- System Journal Fields
Dell PowerStore Service Scripts Guide
See CIFS issues (svc_nas_cifssupport)
This service script enables you to view information for troubleshooting CIFS-related issues. It displays information about network connectivity to domain controllers, access rights, credentials, access logs, and other related items for a specific NAS server or all NAS servers.
NOTE:Ensure that you run this script on the primary node of the appliance.
Usage
| Function | Diagnostic |
| Mode | Normal or Service |
| Usage | General use |
| Requires service user password? | No |
| Requires root privileges? | No |
| May cause data unavailability? | No |
| May cause data loss? | No |
| Scope | Appliance |
| Prerequisites | None |
Format
svc_nas_cifssupport [-h] [--server value] [--args="<value>"]
Optional arguments
| Qualifier | Description |
|---|---|
| -h, --help | Show the help message and exit. |
| --args | NAS service command arguments.
NOTE:Arguments must be preceded by hyphens. For example:
svc_nas_cifssupport --args="<>"
|
Positional arguments
| Qualifier | Description |
|---|---|
| --server | Specify the name of the NAS server that you want to run the specific action on. |
Options
Use the --args argument to specify additional options.
- [-h | -help | --help | <no option>]
- Display help and exit. Use this option with svc_nas_cifssupport to view the top-level options for the command. To view the options and parameters for a top-level option, use the -help option after the top-level option. For example, the output of svc_nas_cifssupport --server nas 1 --args="-setspn -help" provides detailed usage information about the -setspn option.
- -accessright
- Compute the effective access rights for a user on a file system resource.
- Usage:
svc_nas_cifssupport --server <server name> | --args="-accessright {-user <user_name> [-domain <domain_name>] | -sid <SID>} {{-path <path_name> [-stop_on_symlink]} | -share <share_name>}" -
- -user <user_name> [-domain <domain_name>] | -sid <SID>
- Specify the user name and domain or the SID of the user.
- {-path <path_name> [-stop_on_symlink]} | -share <share_name>
- Specify the file system resource.
- -acl
- Dump or display the Access Control List (ACL) for the specified file system resource.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-acl {{-path <pathname> [-stop_on_symlink]} |-share <sharename>} [-verbose] [-aclext] |-fs <filesystem_name> {-printstats | -resetall {[-path <path>] | [-owner] | [-group] | [-dacl] | [-sacl]}}" -
- -path <pathname>
- Display the ACL of the pathname.
- -stop_on_symlink
- Display the ACL of the symbolic link, instead of the target of the link.
- -verbose
- Display more information about the ACL.
- -aclext
- Dump additional details about conditional ACEs and resource attributes that are present.
- -fs <filesystem_name>
- Name of the file system.
- -printstats
- Get the ACL statistics on the file system.
- -resetall
- Reset all ACL on the file system (set everyone with full control).
- -path <path>
- Copy ACL of the given path to all the other files of the file system. If you specify one of the following options (-owner, -group, -dacl, and -sacl), copy only the relevant items. You can use these options together or combine them as you need.
- -owner
- Reset owners.
- -group
- Reset groups.
- -dacl
- Reset DACL.
- -sacl
- Reset SACL.
- -audit
- Audit the current CIFS (clients) connections on the SMB server.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-audit -user <user_name> | -client <client_name> | -full"
-
- -user <user_name>
- Audit connections for the specified user.
- -client <client_name>
- Audit connections for the specified client or IP address.
- -full
- Display more details about the file opens per connection.
- -builtinclient
- Audit the current domain controller connections on the SMB server built-in client.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-builtinclient"
- -checkup
- Perform internal configuration tests to discover the root cause of potential configuration or environmental errors.
- Usage:
svc_nas_cifssupport --server<server name> | ALL --args="-checkup [-full] [-info]"
-
- -full
- Perform additional tests, which could take a significant amount of time.
- -info
- Display information about the test that is executed by the command.
- -cred
- Display or build a Windows user credential. Use this command to troubleshoot user access control issues.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-cred {-user <user_name> -domain <domain_name> | -sid <SID> | -uname <unix_name>} [-build] [-credext]" -
- -user <user_name> -domain <domain_name>
- The name and domain of the user.
- -sid <SID>
- The SID of the user in decimal form.
- -uname <unix_name>
- The UNIX name or numerical ID (using the convention @uid=xxxx,gid=yyyy@, with xxxx and yyyy the decimal numerical value of the uid and the primary gid, respecitively) of the user.
NOTE:Setting the default UID to 0, or to a user which will be resolved at UID 0, will grant that user full root access. Ensure that this value is not set to 0 for users who should not have full access.
- -build
- Build the credential for a user that has not yet connected the SMB server.
NOTE:This option requires a domain administrator ID/ password.
- -credext
- Include additional details of the claims that are present in the Kerberos ticket. This is only for Dynamic Access Control (DAC).
- -gpo
- List (-info) or force update (-update) the Windows global policy objects (GPOs) that are applied to the SMB server.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-gpo [-info] [-update]"
- -homedir
- Enable or disable the SMB home directories. Once the feature is enabled, a homedir file containing the name of the SMB users and their related home dirctory must be uploaded to the NAS server using the uemcli /net/nas/server CLI command. Once this is done, SMB users can connect to the SMB HOME share.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-homedir [-enable] | [-disable]"
-
- [-enable]
- Enables the home directories feature.
- [-disable]
- Disables the home directories feature.
- -Join
- Join the specified server to a Windows Active Directory (AD) domain, move it to another organizational unit (OU), or collect information about it from the Domain Controller (DC).
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-Join -compname <comp_name> -domain <full_domain_name> -admin <admin_name> [-ou <organizational_unit>] [-option {reuse | resetserverpasswd | addservice=nfs}]" -
- -admin <admin_name>
- Specify an account that has administrator privileges on the specified domain. The password must be provided when prompted.
- -ou <organizational_unit>
- Specify the OU in which to place or move the specified computer.
- -option {reuse | resetserverpasswd | -addservice=nfs}
-
- reuse
- Allow the specified computer to join the server by taking ownership of an existing computer account in the Windows AD domain that matches the computer name that is specified in the command.
- resetserverpasswd
- Reset the server password on the DC.
- -addservice=nfs
- Add an NFS SPN for the specified server in Active Directory for secure NFS.
- -logontrace
- Log user or machine logon attempts for the specified IP address or for all clients when no IP address is specified.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-logontrace {-enable <ip_address> | -disable | -list}" - -lsarpc
- Query the specified Windows user identify for an account specified by user name or SID (security identifier) and return the corresponding Unix UID.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-lsarpc -nb <comp_name> {-user <user_name> | -sid <SID> [hex=<0/1>] | -priv}" -
- -nb <comp_name>
- Specify the netbios name of the server.
- -user <user_name> | -sid <SID>
- Specify the username or the SID.
- hex=<0/1>
- Specify if the SID is given in decimal (0) or hexadecimal (1) format.
- -priv
- List all available privileges on the domain. This can be used to resolve foreign language issues.
- -nltest
- Simulate an NTLM user authentication on the server by specifying a domain user name and password pair. Use this command to troubleshoot connection issues or test DC connections. This command only applies to servers that are joined to a Windows domain.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-nltest -nb <comp_name> {-user <user_name> -dom <domain> -usrpwd <user_password> [-wkst <client_name>]}" -
- -wkst <client_name>
- Optionally set a workstation name in the NTLM request.
- -pdcdump
- Display information about every SMB server DC in use at the NAS server level. This command only applies to servers that are joined to a Windows domain.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-pdcdump"
- -pingdc
- Check the network connectivity of the CIFS server that is specified by the NetBIOS name or computer name with a domain controller. Once connectivity is established, the command verifies that a CIFS server can access and use the domain controller services. This command only applies to servers that are joined to a Windows domain.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-pingdc -compname <comp_name> [-dc <netbios_DC_name>] [-verbose]"
- -samr
- Query the groups a user belongs to using either the user name or SID.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-samr -nb <comp_name> {-sid <SID> | -user <user_name>}" - -secmap
- Access the Secure Mapping database that acts as a cache mechanism to relate Windows SIDs to UNIX UIDs.
NOTE:Modifying a SID to UID mapping can impact security. Use with caution.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-secmap -list [ -user <user_name> -domain <domain_name> | -domain <domain_name> | -sid <SID> | -uid <user_id> | -gid <group_id> ] | -create {-name <name> -domain <domain_name> | -sid <SID> } | -update {-name <name> -domain <domain_name> | -sid <SID> } | -delete {-name <name> -domain <domain_name> | -sid <SID> } | -export [-file <filename>] | -import -file <filename> | -report" -
- -list [ -user <user_name> -domain <domain_name> | -domain <domain_name> | -sid <SID> | -uid <user_id> | -gid <group_id> ]
- Access the Secure Mapping database that acts as a cache mechanism to relate Windows SIDs to UNIX UIDs.
- -create {-name <name> -domain <domain_name> | -sid <SID> }
- Add a new mapping entry in the Secure Mapping database.
- -update {-name <name> -domain <domain_name> | -sid <SID> }
- Update a mapping entry from the Secure Mapping database.
- -delete {-name <name> -domain <domain_name> | -sid <SID> }
- Delete a mapping entry from the Secure Mapping database.
- -export [-file <filename>]
- Export Secure Mapping database to the specified file.
- -import -file <filename>
- Import Secure Mapping database from the specified file.
- -report
- Display Secure Mapping database health and content.
- -setspn
- Manage Windows security principals (SPNs) of the specified computer that is joined to AD.
NOTE:SPNs are required for domain configurations in which the DNS domain is different than authentication domain (Kerberos realm). For example, if the DNS server zone includes a DNS CNAME record that maps compname.<domain1 FQDN> to compname.<server's domain FQDN>, then the SPN host compname.<domain1 FQDN> must be added for the compname.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-setspn -list compname=<comp_name> | -add <SPN> compname=<comp_name>,domain=<full_domain_name>,admin=<admin_name> | -delete <SPN>"
-
- -list compname=<comp_name>
- Display all SPNs for the specified FQDN server, both for the SMB server and for the KDC Windows AD entry.
- -add <SPN> compname=<comp_name>,domain=<full_domain_name>,admin=<admin_name>
- Add the specified SPN to both the NAS server and AD.
- -delete <SPN>
- Delete the specified SPN for both the NAS server and AD.
- -smbhash
- Troubleshoot issues with the Microsoft Windows Branch caching mechanism. BranchCache V1 and BranchCache V2 are supported.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-smbhash -hashgen <path> [-recursive] [-minsize <size>] | -hashdel <path> [-recursive] | -abort <id> | -info | -fsusage <fs_name> | -exclusionfilter <filter> | -audit {enable | disable} [-task] [-service] [-access] | -cleanup <fs_name> [-all | -unusedfor <days> | -unusedsince <date>]" -
- -hashgen <path> [-recursive] [-minsize <size>]
- Generate all SMB hash files for the specified path. If -recursive is used, the SMB hash is recursively generated for the subdirectories.
- -hashdel <path> [-recursive]
- Delete all SMB hash files for the specified path.
- -abort <id>
- Cancel the specified pending or ongoing request (hash file generation or deletion). The ID for the request is in the output of -info.
- -info
- Show detailed information for the hash generation service.
- -fsusage <fs_name>
- Display the SMB hash file disk usage for the specified file system.
- -exclusionfilter <filter>
- Do not generate an SMB hash file for files that match the exclusion filter.
- -audit {enable | disable} [-task] [-service] [-access]
- Enable the generation of audits in the smbhash event log.
- -cleanup <fs_name> [-all | -unusedfor <days> | -unusedsince <date>
- Clean up the SMB hash files for the specified file system.
- -Unjoin
- Unjoin the specified machine from its AD domain. If dynamic DNS is employed, the entry is removed from AD and DNS. The password for the specified account with domain administrator privileges must be provided when prompted.
- Usage:
svc_nas_cifssupport --server <server name> | ALL --args="-Unjoin -compname <comp_name> -domain <full_domain_name> -admin <admin_name>"
Example
Use the following command to view the ACL for the smbshare share on the nas1 NAS server:
svc_nas_cifssupport --server nas1 --args="-acl -share smbshare" nas1 :done ACL DUMP REPORT Share : \\\\nas1\\smbshare UID : 0 GID : 1 Rights : rwxr-xr-x
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\