Will I see you at #NetAppInsight 2016?


NetApp Insight 2016 in Las Vegas is approaching quickly (too quickly if you have to present sessions). Last year, I created blogs to highlight the sessions I’ll be presenting, in case any of you are attending Insight and want to pop in.

This year, more of the same!

I’ll be floating around Insight, possibly donning the Flash costume:



I’ll also be doing some Tech ONTAP podcast stuff. Want to be interviewed? Let me know or email podcast@netapp.com with the subject “Insight 2016.” We’ll roll them into our daily Insight recaps or the post-Insight show.

Last year, we also did some video interviews:

My Sessions

I have 3 sessions this year. You can register for them via the Insight app or Schedule Builder. My sessions are:

60831-2 – How Customers and Partners Use Network File System for Virtualization

I’ll be presenting this one with Dave Morera (@greatwhitetec) of HA Storage in Las Vegas and Mark Carlton (@mcarlton1983) of Arrow in Berlin. Both are members of the NetApp A-Team.

This session will present partner and customer use cases, real-world experience and lessons learned in network file system deployments and implementation for virtualized environments. Learn who prefers network file system over iSCSI for VMware® deployments, what Microsoft® applications are supported on network file system in virtual machine disks. Find out how to make sure your network file system virtual machine deployments are following the best practices from people who implement and architect on a day-to-day basis.

60411-2 – Do More With Less: A FlexGroup Technical Primer

You may or may not have heard of FlexGroups. If so, come to this session to get a deep dive into the inner workings of the new scale-out NAS file system. If you haven’t, check out Sunitha Rao’s FlexGroup Overview session (61054-1) and then come to mine anyway.

NetApp® ONTAP® 9 FlexGroup technology provides a new way to increase scapacity to near infinite levels while increasing performance for concurrent workloads. This technical deep dive will take a look at what is FlexGroup, how they work under the covers, as well as how FlexGroup’s stack up to other scale out NAS solutions on the market today. Come learn about the next generation of scale-out NAS solutions and find out how to do more with less!

60191-3-TT – Authentication Deep Dive: NetApp ONTAP

This is a reprise of last year’s popular session (rated nearly a 5.0!) where we go into a deep dive of ONTAP’s authentication mechanisms for NAS. This is a level 3 session and internal to partners and NetApp employees only.

Authentication in NetApp® ONTAP® uses the security daemon (SecD) for connectivity to external dependencies for NAS protocols such as active directory, LDAP, NIS and DNS. This session will cover how the security daemon works in ONTAP and beyond, as well as how to troubleshoot issues and what kind of statistics are available for the security daemon and external name services.

Also, check out Melissa Wright’s (@vMiss33) session list here!


TECH::TR-4379 Name Services Best Practices in clustered Data ONTAP updated for 8.3.1!

It’s time for new technical report updates!

Since clustered Data ONTAP 8.3.1 is now available, we are publishing our 8.3.1 updates to our docs.


TR-4379: Name Services Best Practices covers a wide range of considerations when using external name services like LDAP, DNS and NIS with your clustered Data ONTAP storage system. External name services are critical to NAS environments, as they help control identity management, Kerberos authentication, hostname resolution, netgroups and export policy rule access.

What’s new in TR-4379?

  • Dynamic DNS support information for 8.3.1
  • Clarification and updates on existing best practices
  • Improved information on name server best practices
  • Upgrade considerations

Where can I find it?

Technical reports can be found a variety of ways. Google search works, as does looking in the NetApp library. I cover how to be better at NetApp documentation in a separate blog post.

To make it super easy, just follow this link:

TR-4379: Name Services Best Practices

TECH::Sneak preview! Converting 7-Mode NAS Troubleshooting Commands to clustered Data ONTAP Commands

It’s Technical Report revision time again, as we await the next release of clustered Data ONTAP – 8.3.1.

While writing my new revision of TR-4073: Secure Unified Authentication, I was making a table of commands for NAS troubleshooting that I converted from 7-Mode to cDOT. The TR won’t be available for a bit, but I can at least post the table here for you to peruse/use. Check back on occasion for updates. If you have things you want me to add, comment here or follow me on Twitter @NFSDudeAbides!

7-Mode Command Clustered Data ONTAP 8.3.x Command What it does
exportfs –c vserver export-policy check-access Verifies if a specific host has access to a specific mount and what level of access it has.
exportfs –f vserver export-policy cache flush Flushes the exports cache on a local node. Use with caution, as flushing cache causes it to need to be repopulated.
fsecurity show vserver security file-directory show Show the file owner, ACLs, permissions, etc. from ONTAP CLI.
getXXbyYY getXXbyYY Allows simulation of external name service queries from ONTAP CLI. (ie, LDAP, NIS)
ifstat node run ifstat Shows physical network port statistics.
lock status/break vserver locks show/break Shows and breaks NFS or CIFS locks on files. Use with caution.
nbtstat vserver cifs nbtstat Shows NetBIOS information.
netstat node run netstat

network connections active show

network connections listening show

Shows network status, port information (listening, open, etc).
nfs diag show



diag exports nblade access-cache show

diag nblade credentials show

Show diagnostic level NFS information. Use with caution.
nfs nsdb flush diag nblade credentials flush Flush the nsdb (Name Services Database) cache.
nfs_hist N/A Shows nfs histogram.
nfsstat statistics start -object nfs*/statistics stop Shows NFS related statistics.
nis info nis show-statistics

nis show-bound-debug

Shows NIS information.
options nfs.mountd.trace logger mgwd log modify -node -module mgwd::exports -level debug Shows trace output of mount requests. Use with caution and always disable after use. Logs to /mroot/etc/mlog/mgwd.log.
options cifs.trace_login diag secd trace set -node -trace-all yes

diag secd log set -node -level debug -enter-exit on

Shows trace output of name mapping, CIFS logins,etc. Use with caution and always disable after use. Logs to /mroot/etc/mlog/secd.log.
ping network ping Runs ping.
pktt node run [nodename] pktt Collects a packet capture. For details on packet traces in clustered Data ONTAP, see the following knowledge base article.

How to collect packet traces in clustered Data ONTAP

route network route Create/show/delete routes.
sectrace vserver security trace filter Used to troubleshoot security/permissions issues. For more information, see the following knowledge base article:

How to troubleshoot Microsoft Client permission issues on a NetApp Vserver running Clustered Data ONTAP

showfh node run [nodename where file lives] “priv set diag; showfh” Shows the file handle, FSID, etc for files and folders.
traceroute traceroute Trace routes between devices.
wcc diag nblade credentials

diag secd authentication show-creds

Show/flush credential stores on local nodes. Use with caution.
ypcat N/A Dumps contents of entire NIS map.
ypmatch diag secd authentication show-ontap-admin-unix-creds Fetches NIS object’s attributes.
ypwhich diag secd connections show -node [nodename] -vserver [SVM] -type nis Shows the NIS map server/master.

In addition, check out the Command Map for 7-Mode administrators, as well as How 7-Mode Configuration Files Map to cDOT commands and How 7-Mode Options Map to cDOT commands.