jrich523
Need to be able to remove Initiator Groups from volume
Hi Justin,
I can't figure out how to remove an initiator group from a volume. It looks like the remove-nsinit* cmdlets modify initiator groups, not volumes. (Am I reading this wrong?)
I tried: Add-NSInitiatorGroupToVolume -InitiatorGroup $initgroup -Volume $datavolume -Access none
But got an error that -Access can't be none.
Is there another way to accomplish this using the module?
Thanks!
Clint
That cmdlet - based on the help - looks to remove an IP or IQN from an initiator group...
I need to change the ACL of a volume by removing an initiator group.
Do a gcm remove* -module nimble
I think there is another one without the "from"in the name that I think will do what you need
There is another - Remove-NSInitatorGroup The help suggests it removed the initiator group from the Nimble array, I just need to remove the initiator group from one Volume. (Am I wrong?)
I can't delete and re-create the initiator group, because that would kill the VMware environment.
I'll have to dig in to it a bit more. I no longer have access to a unit so it's a bit tough, but I'll take a look at the api
Thanks! I appreciate the work you've done on the module. I hope to get a some time to add to the help documentation for the cmdlets, but haven't figured out where to put that... (Do I need Visual Studios or something?)
It's just the format of the comment at the top of the function On Sep 25, 2014 9:49 AM, "Clint McGuire" [email protected] wrote:
Thanks! I appreciate the work you've done on the module. I hope to get a some time to add to the help documentation for the cmdlets, but haven't figured out where to put that... (Do I need Visual Studios or something?)
— Reply to this email directly or view it on GitHub https://github.com/jrich523/NimblePowerShell/issues/4#issuecomment-56848118 .
So I have a Get-NSVolumeACL which really all it does is look at the acllist property of a volume. I dont have a good way to check this, but if you check its type you might be able to just use a remove() on it
$vol = get-nsvolume "itsname"
$vol.acllist #shows current acl list, fine the index/name of what you want to remove
$vol.acllist.gettype() #check to see what type of object it is, i assume some sort of basic array?
$vol.acllist | gm #check what members it has, and how they work
$vol | gm # the gettype() will probably not show if it allows set, so look for the acllist in this list, it should have a get;set; on it to let you know you can modify it.
With this you could then create a function called Remove-NSACL
Now that we have this conversation I feel like the names should be different... I'll have to give this some thought...
Hi Justin, Thanks for the follow up!
PS> $vol.acllist | gm TypeName: VolAclRec
Name MemberType Definition
Equals Method bool Equals(System.Object obj) GetHashCode Method int GetHashCode() GetType Method type GetType() ToString Method string ToString() applyto Property SmVolAclApply applyto {get;set;} chapuser Property string chapuser {get;set;} initiatorgrp Property string initiatorgrp {get;set;}
So... $vol.acllist.initiatorgrp.set($null) should work?
Almost,
initiatorgrp Property string initiatorgrp {get;set;}
That indicates its a property of type string so there is no Set() method and you'll have to test this because there may be an array in there some place but try out
$vol.acllist.initiatorgrp
If that works to return what you'd expect then set it
$vol.acllist.initiatorgrp = $null
Depending on how all this works, if that fails you might need to try setting it to "" You can probably tell which is the better option by looking at the value of the Chapuser, since its also a string, see if its "" or null
It might not matter, and cast ok, but depending on how things go, that should be enough info to help you solve the problem.
Hi Justin, I still can't modify the ACL... I tried = $null, = "", = '' [single quotes]
I always get
The property 'initiatorgrp' cannot be found on this object. Verify the property exists and can be set.
I noticed that if I $vol | format-list with a volume that has no ACL the aclList line is blank, but if I use a volume with an ACL it shows {VolAclRec}
Is there a way to create an empty VolAclRec to replace the current one? Or would it be possible for you to write a Remove-NSInitiatorFromVolume cmdlet?
Thanks,
hmm let me just start from the top.. you want to just remove the init group from the volume. If we look at how I add it:
$rtncode = $Script:NSUnit.addVolAcl($script:sid.value,$Volume,$applyto ,"*", $InitiatorGroup)
https://github.com/jrich523/NimblePowerShell/blob/master/Initiator.ps1#L318
you'll see that we're adding the whole group to a volume and picking an access type for it.
This is done with a method, addVolAcl, which would make me think there is a remove on the NSUnit (I think you figured this out already, but you can create the unit object with the login function code)
so if you were to build a local one,
$unit = new-object groupmgmt
$unit | gm | ? {$_.name -like "acl"}
we'll see there is a similar remove,
removeVolAcl(string sid, string volname, Nimble.SmVolAclApply applyTo, string chapuser, string initiatorgrp)
So this takes some of the same info. You'll want to verify that whatever is being requested to be removed is there so this function will require a bit of checking, but I think thats what you need.
On Tue, Oct 14, 2014 at 3:31 PM, Clint McGuire [email protected] wrote:
Hi Justin, I still can't modify the ACL... I tried = $null, = "", = '' [single quotes]
I always get
The property 'initiatorgrp' cannot be found on this object. Verify the property exists and can be set.
I noticed that if I $vol | format-list with a volume that has no ACL the aclList line is blank, but if I use a volume with an ACL it shows {VolAclRec}
Is there a way to create an empty VolAclRec to replace the current one? Or would it be possible for you to write a Remove-NSInitiatorFromVolume cmdlet?
Thanks,
— Reply to this email directly or view it on GitHub https://github.com/jrich523/NimblePowerShell/issues/4#issuecomment-59128282 .