Wednesday, 22 June 2016

Brocade Network Advisor Migration to Another Server

Brocade Network Advisor Migration to Another Server

Version 12.x.x / Windows 2012
Login to BNA.
Servers --- Options --- Backup Now.

It takes several minutes to take a current backup.


In the new server install the BNA.
After the installation is complete, open SMC





Select the RESTORE TAB on the top.
Browse to the backup folder. The directory structure should be \Backup\Backup\ < ------ manifest file and folders located here.
Backup  -à This folder is created during the backup.
If you select the wrong directory, it would not work and throw error. So Select /backup as the location. Don’t select the backup folder which was created during the backup.





It might take some time to restore. After restoration. You’ll get a confirmation message.




POST INSTALLATION, USE THE OLD USERNAME AND PASSWORD.







Tuesday, 24 May 2016

One Solution for your NetApp support



NetApp Implementation, Administration and Monitoring Solution for mid size companies.


What's included:
  • Total documentation.
  • Basic NetApp training
  • Support for 1 year.
  • Guaranteed peace of mind. Experts from around the globe at your service (24/7 support).
  • All technical people are Certified NetApp Implementation Engineer.

Just for a price of € 800 / month for 1 HA Pair or MetroCluster. *
for further details feel free to contact us.


JOIN OUR TEAM:

Contact US with your CV and certifictions.

CONTACT US:
YEPPLER INTERNET SOLUTIONS Pvt LTD
email: connect@yeppler.com

*Services currently available in India, Germany and United Kingdom. Starting across Europe and US soon.

Brocade Quick Guide

Brocade Quick Guide

This information is from another blog.. I thought could be useful for users.

alicreate “Name”, “domain,port#”Used to create an alias
alicreate “Name”,”portname1; portname2″To create multiple ports under a single alias
alidelete “Name”To delete an alias
aliadd “Name”, “domain,port#”To add additional ports to an alias
aliremove “Name”, “domain,port#”To remove a port from the alias
alishow “AliName”To show the alias configuration on the switch
zonecreate “Zone Name”, “alias1; alias2″To create zones based on alias
zonedelete “ZoneName”To delete a zone
zoneadd “ZoneName”, “alias name”To add additional alias into the zone
zoneremove “ZoneName”, “alias name”To remove an alias from the zone
zoneshow “zoneName”To show the zone configuration information
cfgcreate “Configname”, “Zone1; Zone2″To create configurations by adding in zones
cfgdelete “ConfigName”To delete a configuration
cfgadd “ConfigName”, “Zone3″To add additional zones in the configuration
cfgremove “ConfigName”, “Zone3″To remove a zone from the configuration
cfgshow “ConfigName”To show the details of that configuration
cfgenable “ConfigName”To enable a configuration on the switch
cfgsaveTo have the effective configuration to be written into the flash memory
Show Commands
 psshowDisplays the status of the power supply
fansshowDisplays the status of the fans
tempshowDisplays the status of the temperature readings
sensorshowDisplays the status of the sensor readings
nsshowDisplays information in the name server
nsshow -tDisplays information in the name server
nsshow -rDisplays the information in the name server along with the state change registration details
nscamshowDisplays detailed information of all the devices connected to all the switches in the fabric (Remote Name Servers)
nsallshowDisplays the 24 bit address of all devices that are in the fabric
licenseshowDisplays all the licenses that have been added in the switch
dateDisplays the current date set on the switch
bannershowDisplays the banner that will appear when logging in using the CLI or web tools
httpcfgshowDisplays the JAVA version the switch expects at the management console
switchnameDisplays the name of the switch
fabricshowDisplays information of all the switches in the fabric
userconfig –show -aDisplays the account information like role , description , password exp date , locked status
switchstatusshowDisplays the overall status of the switch
switchstatuspolicyshowDisplays policy set for the switch regarding Marginal(Yellow) or Down(Red) error status
portshowTo show the port status
portcfgshowDisplays the speed set for all ports on all slots and other detailed port information
configshow fabric.opsDisplays the parameters of the switch. Ensure all switches in a fabric have the same parameters in order to communicate
configshowfabric.ops.pidFormatDisplays the PID set for a switch Core , Native or Extended edge
switchuptime OR uptimeDisplays the uptime for the switch
firmwareshowDisplays the firmware on the switch
versionDisplays the current firmware version on the switch
hashowDisplays the status of local and remote CP’s. High availability , heartbeat and synchronization
Port Settings
portcfgshowDisplays the port settings
portcfg rscnsupr [slot/port] –enableA registered state change registration is suppressed when a state change occurs on the port
portcfg rscnsupr [slot/port] –disableA registered state change registration is sent when a state change occurs on the port
portnameTo assign a name for a port
portdisableTo disable a port or slot
portenableTo enable a port or slot
portcfgpersistentdisableTo disable a port , status would not change even after rebooting the switch
portcfgpersistentenableTo enable a port , status would not change even after rebooting the switch
portshowTo show the port status
portcfgspeed ,To set speed for a port#te – 0:auto negotiated 1,2,4 Gbit/sec , 1 : 1Gbit/sec , 2 : 2 Gbit/sec , 4 : 4Gbit/sec
switchcfgspeedTo set speed for all the ports on the switch Note – 0:auto negotiated 1,2,4 Gbit/sec , 1 : 1Gbit/sec , 2 : 2 Gbit/sec , 4 : 4Gbit/sec
portcfgshowDisplays the speed set for all ports on all slots and other detailed port information
portcfgdefaultTo set the port settings to default
portcfglongdistanceTo set the long distance mode . Default is L0(Normal), as per distance will display LE <=10 kms , L0.5 <=25kms , L1 <=50 kms, L2<=100kms , LD=auto , LS = Static
portcfgeportUsed to disable a port from being a E port
Time and Date Settings
dateDisplays the current date set on the switch
tsclockserver 10.10.1.1Instruction for the principal switch to synchronize time with the NTP server (specify the  ip address of the NTP server)
tsclockserver LOCLInstruction to stop NTP server synchronization (Local time of the switch)
date mmddhhmmyyTo set the time of the switch when the NTP server synchronization is cancelled
tstimezone -5To set the time zone for individual switches
License Commands
licenseshowDisplays all the licenses that are added in the switch
licenseaddTo add a new license to the switch
licenseremoveTo remove a license from the switch
licenseidshowBased on Switch WWN
Banner Commands
bannershowDisplays the banner that will appear when logging in using the CLI or web tools
bannersetTo set the banner which will appear when logging in using the CLI or web tools
bannerset “”To remove the bannerset (two quotes)
Password commands
passwdTo change the password for that particular login
passwdcfg –set -lowercase 3 uppercase 1 -digits 2 -punctuation 2 -minlength 10 -history 3To set the password rules
passwdcfg –set -minpasswordage 1To set the minimum password age in Days
passwdcfg –set -maxpasswordage 30To set the maximum password age in Days
passwdcfg –set -warning 23To set a warning for the expiration Days remaining
passwdcfg –set -lockoutthreshold 5To set the account lockout thresh hold
passwdcfg –set -lockoutduration 30To set the account lockout duration in Minutes
passwdcfg –setdefaultTo restore the password policy to Factory settings (min length – 8, history -1 , lockoutduration – 30)
SNMP Commands
snmpconfigsnmpconfig for 5.0 above fos
agtcfgsetsnmp config for fos below 5.0
snmpmibcapsetfor choosing the MIB’s for the snmp settings
User Configuration
userconfig –show -a / userconfig –-showDisplays all the account information like role , description , password expiration date , locked status
userconfig –add john -r admin -d “John Doe”To add a new account -r = role , -d = description
userconfig –show johnDisplays all the information for the account john
userconfig –change -e noTo Disable an account , usually default a/cs like admin and user . But ensure before disabling the admin a/c there is another a/c with admin rights
userconfig –change -e yesTo Enable an account
Firmware commands
configuploadSaves the switch config as an ASCII text file to an FTP server
configdownloadTo restore a switch configuration from ASCII text file Note – Need to disable the switch before downloading the config file
configure => cfgload attributes : [y] => Ensure secure config upload / download : [y]Fabric OS v 4.4 & above provides Secure File Copy Protocol (SCP) during upload or download of configurations
firmwaredownloadTo download the firmware to be installed on the switch
firmwareshowTo be run after installing the firmware on the switch
versionDisplays the current firmware version on the switch
fastbootNeeds to be run after installing the firmware. This does not include the post.
rebootNeeds to be run after installing the firmware. This includes the post.
Miscellaneous commands
killtelnetTo kill a particular session which is using telnet
configureTo configure a switch
quietmodeTo switch off the quiet mode
quietmode 1To suppress messages to the console
switchnameDisplays the switch name
switchname “EXAMPLE”To assign a switch name
bannersetTo set the banner which will appear when logging in using the CLI or web tools
timeoutDisplays the timeout time set for Telnet session on the switch
timeout 10To set a specific timeout time for the Telnet session
switchuptime or uptimeDisplays the uptime for the switch
switchcfgspeedTo set speed for all the ports on the switch Note – 0:auto negotiated 1,2,4 Gbit/sec , 1 : 1Gbit/sec , 2 : 2 Gbit/sec , 4 : 4Gbit/sec
fastbootTo reboot the switch without post
rebootTo reboot the switch with the post
switchstatusshowDisplays the overall status of the switch
switchstatuspolicyshowDisplays policy set for the switch regarding Marginal(Yellow) or Down(Red) error status
switchstatuspolicysetTo change the policy set for the switch regarding Marginal(Yellow) or Down(Red) error status

Thursday, 25 February 2016

NetApp Systems Manager error 500 permission denied: connect

NetApp Systems Manager error 500 permission denied: connect

This is a very common problem for people who use systems manager:






The trick to fix it is first enable the httpd access.

netapp01> options httpd.admin.enable on

and then try checking.. you will most probably have a warning message this time.




Now enable the tls. Based on the version you might need to run it in advance mode.

netapp01> options tls.enable on

This should fix the issue and you should be able to login to netapp via the systems manager seamlessly.







Netapp Cluster Mode reading the log files using a browser

NetApp Cluster Mode reading the log files using a browser

The filer network ips and the vservers.

cluster600::> net int show
  (network interface show)
            Logical    Status     Network            Current       Current Is
Vserver     Interface  Admin/Oper Address/Mask       Node          Port    Home
----------- ---------- ---------- ------------------ ------------- ------- ----
cluster600
            cluster_mgmt up/up    192.168.199.170/24 cluster600-01 e0a     true
cluster600-01
            mgmt1        up/up    192.168.199.171/24 cluster600-01 e0a     true
nfs600
            nfs600_lif1  up/up    192.168.199.180/24 cluster600-01 e0c     true
nfs700
            nfs700_lif1  up/up    192.168.199.181/24 cluster600-01 e0d     true
nfs800
            nfs800_nfs_lif1
                         up/up    192.168.199.182/24 cluster600-01 e0c     true
nfs_test
            nfs_test_lif1
                         up/up    192.168.199.188/24 cluster600-01 e0a     true
6 entries were displayed.


cluster600::>

We first create a user 'logger'

cluster600::> security login create -username logger -application http -authmethod password

Please enter a password for user 'logger':

Please enter it again:

Then enable the services for it.

cluster600::> vserver services web modify -vserver * -name spi -enabled true

Warning: The service 'spi' depends on: ontapi.  Enabling 'spi' will enable all of its prerequisites.
Do you want to continue? {y|n}: y
2 entries were modified.

cluster600::>


cluster600::> vserver services web access create -name spi -role admin -vserver cluster600
cluster600::> vserver services web access create -name compat  -role admin -vserver cluster600
cluster600::>

Now we can login from a browser.
https://*cluster_mgmt_ip*/spi/*nodename*/etc/log
In this example:
Cluster management IP: 192.168.199.171
Node name: cluster600-01


Tuesday, 23 February 2016

Cracking the NetApp 7 mode systemshell (c-shell) part 1

This was a request from one of the reader of my blog for deep dive into 7mode.

Logging into system shell:

netapp01>
netapp01> priv set diag
Warning: These diagnostic commands are for use by NetApp
         personnel only.
netapp01*> systemshell

Data ONTAP/amd64 (netapp01) (pts/0)

login: diag
Password:
Last login: Tue Feb 23 13:17:04 from localhost


Warning:  The system shell provides access to low-level
diagnostic tools that can cause irreparable damage to
the system if not used properly.  Use this environment
only when directed to do so by support personnel.

netapp01% 

For some reason, the hidden diagnostic user is named diaguser but invoked as diag
When we login to the systemshell, we are into a C Shell (csh) with a user id of 1002 and a home directory of /var/home/diag. Some useful aliases for your reference:
bash-3.2# exit
netapp01% alias
h       (history 25)
j       (jobs -l)
la      (ls -a)
lf      (ls -FA)
ll      (ls -lA)

Unfortunately logging into systemshell as user diag does not provide you with root privileges.
So how do you become root? Quite easily as it turns out. The Bash shell exists at /usr/bin/bash and is owned by root. So invoking sudo bash changes your id to 0, i.e. root,. Note that no man pages are available in either of these shells.
By the way, you could also have entered sudo /bin/sh to instead use a Bourne shell, but then you would not have command completion or command history.
Here is the contents of /etc/sudoers:
netapp01%
netapp01% sudo bash
bash-3.2#
bash-3.2#

bash-3.2# cat /etc/sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
# Failure to use 'visudo' may result in syntax or file permission errors
# that prevent sudo from running.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification
# Uncomment if needed to preserve environmental variables related to the
# FreeBSD pkg_* utilities.
#Defaults       env_keep += "PKG_PATH PKG_DBDIR PKG_TMPDIR TMPDIR PACKAGEROOT PACKAGESITE PKGDIR"

# Uncomment if needed to preserve environmental variables related to
# portupgrade. (portupgrade uses some of the same variables as the pkg_*
# tools so their Defaults above should be uncommented if needed too.)
#Defaults       env_keep += "PORTSDIR PORTS_INDEX PORTS_DBDIR PACKAGES PKGTOOLS_CONF"

# Runas alias specification

# User privilege specification
root    ALL=(ALL) ALL
diag    ALL=(ALL) NOPASSWD: ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL) ALL

# Same thing without a password
# %wheel        ALL=(ALL) NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now
bash-3.2#

Nothing special.. just that the diag user gains root privileges without entering any password. where as root user needs to enter it.
Now, where is the real password file? Turns out that it is in /var/etc.
bash-3.2# cd /var/etc/
bash-3.2# ls
bootargs                ipf6.user.rules         periodic.conf.local
dhclient-enter-hooks    localtime               php.ini
dhclient.conf           master.passwd           pwd.db
fstab                   motd                    rc.conf
group                   ndmpd.conf              resolv.conf
host.conf               newsyslog.conf          spwd.db
hosts                   nsmb.conf               ssh
httpd-custom.conf       nsswitch.conf           sysctl.conf
httpd-custom.conf.old   ntp.conf                ttys
httpd-vserver.conf      opieaccess              ttys.old
inetd.conf              passwd                  vsa_vsphere_config
ipf.user.rules          periodic.conf
bash-3.2#

And here is the content of the password file as obtained by vipw:

# $FreeBSD$
#
root:$1$9f58c0d6$NcokQbZbvosXgi2G/EQ2L.:0:0::0:0:Charlie &:/root:/usr/sbin/nolog
in
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/no
login
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp
/uucico

the complete ontap backup is stored in 
bash-3.2# cd /cfcard/
bash-3.2# ls
BOOT_SEQ        cores           env             env_bak         x86_64

the mount details:

bash-3.2# mount
/dev/md0 on / (ufs, local, read-only)
devfs on /dev (devfs, local)
/dev/ad0s2 on /cfcard (msdosfs, local)
/dev/md1.uzip on / (ufs, local, read-only, union)
/dev/md2.uzip on /platform (ufs, local, read-only)
/dev/ad3 on /sim (ufs, local, noclusterr, noclusterw)
/dev/ad1s1 on /var (ufs, local, synchronous)
procfs on /proc (procfs, local)
/dev/md3 on /tmp (ufs, local, soft-updates)
localhost:0x80000000,0xef341a80 on /mroot (spin)
clusfs on /clus (clusfs, local)

All the configuration files are stored in:
bash-3.2# cd /mroot/etc
bash-3.2# ls
.avail                  firmware                registry
.mroot.cksum            group                   registry.0
.mroot_late.cksum       hba_fw                  registry.1
.pmroot.cksum           hosts                   registry.bck
.pmroot_late.cksum      hosts.bak               registry.default
.rotate_complete        hosts.equiv             registry.lastgood
.zapi                   hosts.equiv.bak         registry.local
acpp_fw                 http                    registry.local.0
asup_content.conf       initial_varfs.tgz       registry.local.1
backups                 keymgr                  registry.local.bck
cifs_homedir.cfg        lang                    rmtab
cifs_nbalias.cfg        lclgroups.bak           serialnum
cifsconfig_setup.cfg    lclgroups.cfg           services
cifsconfig_share.cfg    log                     shelf_fw
cifssec.cfg             man                     sldiag
clihelp                 messages                sm
cluster_config          messages.0              snmppersist.conf
configs                 mib                     sshd
crash                   mlnx                    stats
dgateways               mlog                    sysconfigtab
dgateways.bak           netapp_filer.dtd        syslog.conf.sample
disk_fw                 nsswitch.conf           tape_config
entropy                 nsswitch.conf.bak       usermap.cfg
entropy-file            oldvarfs.tgz            varfs.tgz
exports                 ontapAuditE.dll         vfiler
exports.bak             passwd                  vserver_4294967295
exports.old             quotas                  www
exports_arc             raid                    zoneinfo
filersid.cfg            rc
bash-3.2#
bash-3.2#
bash-3.2#

Will continue will lot more stuff in next part of the same blog, till then stay tuned.. Don't forget to share it.. 

Featured post

Netapp monitoring solution from scratch

I created a netapp monitoring solution on a UNIX machine... and have uploaded the static files to a free php server for so that you under...