Personal Website, Tech Blog

Category: Netapp

How to test bandwidth between two Netapp clusters (snapmirror)

The following commands generate a payload in a node memory and transfers it to the destination node. What I noticed in Ontap 9.5 is that this command might misbehave when WAN Optimizers are present in between tested NAS devices. It probably happens because the generated payload is not random enough and gets compressed giving strangely high results.

frankfurt-cl1::*> network test-path -source-node frankfurt-cl1-01 -destination-cluster warsaw-cl1 -destination-node warsaw-cl1-01
 
Warning: This operation will generate large amount of cluster traffic and can cause temporary cluster traffic slowness.
Do you want to continue? {y|n}: y
 
Initiating path test. It can take up to 15 seconds for results to be displayed.
 
 
     Test Duration: 10.87 secs
   Send Throughput: 105.71 MB/sec
Receive Throughput: 105.71 MB/sec
           MB Sent: 1149.38
       MB Received: 1149.38
       Avg Latency:   829.32 ms
       Min Latency:    14.05 ms
       Max Latency:  1467.40 ms

Useful Active Directory Commands (PowerShell)

There are couple of account-related PowerShell commands that I use on a frequent basis. They are helpful in access troubleshooting, to check that user accounts and groups configuration is correct.

(Windows 10) Before using them you will need to install Remote Server Administration Tools and enable “activedirectory” Powershell module (you can find more details here).

Get information about “jdoe” user (e.g. if user account is locked, home drive location, etc.)

Get-ADUser -Identity jdoe -Properties * -server ldapserver.local

Surname           : Doe
Name              : Jon Doe
UserPrincipalName : 
GivenName         : John
Enabled           : TRUE
SamAccountName    : jdoe 
ObjectClass       : user
SID               : S-1-5-21-2889043008-4136710315-25555524263-3544
ObjectGUID        : e14177764-096c-4cb0-b903-ebb66562d99d
....

Get information about “Administrators” group

Get-ADGroup Administrators -server ldapserver.local

DistinguishedName : CN=Administrators,CN=Builtin,DC=ldapserver,DC=com
GroupCategory     : Security
GroupScope        : DomainLocal
Name              : Administrators
ObjectClass       : group
ObjectGUID        : 02ce3444-dd86-41ba-bddc-013f34432178
SamAccountName    : Administrators
SID               : S-1-5-32-444

Get group memberships of “jdoe” user

Get-ADPrincipalGroupMembership jdoe -server ldapserver.local|select name

name
--------
Administrators
STG_group
Employees
...

Get members of “Administrators” group

Get-ADGroupMember -identity Administrators  -server ldapserver.local|select name

name
--------
LDAP_user
Berezov
SVC_tech
...

Change password of “jdoe” user

Set-ADAccountPassword -Identity jdoe -server ldapserver.local

Please enter the current password for 'CN=jdoe CN=Pat,CN=Users,DC=ldapserver,DC=local'
Password:********** 
Please enter the desired password for 'CN=jdoe CN=Pat,CN=Users,DC=ldapserver,DC=local'
Password:*********** 
Repeat Password:***********

Remove Active Directory object (e.g. SVM, sometime helpful when there is a problem joining SVM to the domain)

Remove-ADComputer -Identity SVM1 -Server ldapserver.local -Credential (Get-Credential)

cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
User: LOCAL\LDAP_user
Password for user LOCAL\LDAP_user: ****************
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove" on target "CN=SVM1,OU=STORAGE,DC=ldap,DC=local".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Yes"):
PS>>

Accessing systemshell without diag user

The systemshell is used for low-level diagnostic purposes.

As per the Netapp documentation, only the diagnostic account user, named β€œdiag,” can access the systemshell.

systemname*> systemshell
login: diag
Password: 

WARNING:  The systemshell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

%whoami
diag

%exit
logout

systemname*>

However, it is possible to jump into the systemshell as root using the sudo command. This way is much faster because you don’t need to deal with the diag user problems (account locking, password changing, etc.).

filer01::*> set d
filer01::*> systemshell -node filer01-n01 -command "sudo bash"
  (system node systemshell)
bash-3.2#
bash-3.2# whoami
root
bash-3.2# ls -l /mroot
total 56
drwxrwxrwx  10 root  wheel  4096 Jan 19 12:00 .snapshot
-rw-r--r--   1 root  wheel     0 Jun 25  2015 .test
-rw-r--r--   1 root  wheel     0 Aug 12 20:18 .test_notifyd
drwxr-xr-x   2 root  wheel  4096 Aug  9 20:33 download
drwxr-xr-x  41 root  wheel  4096 Jan 19 12:08 etc
drwxrwxrwt   2 root  wheel  4096 Feb 20  2015 home
drwxr-xr-x   2 root  wheel  4096 Aug 12 20:18 storagelog
drwxr-xr-x   4 root  wheel  4096 Aug 12 18:45 var
drwxr-xr-x  45 root  wheel  4096 Nov  7 11:06 vserver_fs
bash-3.2#

© 2021 Jakub Bielaszka

Theme by Anders NorenUp ↑

Social media & sharing icons powered by UltimatelySocial