Automating CIFS Server Domain Joins for ONTAP

There’s probably not much demand for automating CIFS Server Domain joins (cifs server create). Still, if you have to create a lot of SVMs, and each SVM has a CIFS server on the same domain, and you don’t want to keep having to enter the domain administrative credentials (or getting someone else to do this), this blog post might be of interest.

CIFS Server domain join in ClusterShell

Using ClusterShell to do CIFS Server Domain joins is fine - unless you have lots to do. If you have lots to do, then having to keep entering user name and password is a pain. Example below:


C910::> cifs server create -vserver SVM1 -cifs-server SVM1 -domain lab.priv

In order to create an Active Directory machine account for the CIFS server, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=Computers" container within the "LAB.PRIV" domain.

Enter the user name: administrator
Enter the password: ********


CIFS Server domain joins in PowerShell

In PowerShell we can save the domain credentials so we don’t need to keep inputting them. The below is an example of how to do a domain join in PowerShell using the Data ONTAP PowerShell Toolkit.

The penultimate line is where we store the domain credentials. The domain join is in the final line. And the rest is just setup (intentionally verbose to make it clear what we’re doing.) This is not a PowerShell script, this is just typed (or pasted) directly after the PowerShell prompt>


Import-Module DataONTAP

$ClusterCredential = New-Object System.Management.Automation.PsCredential($(Read-Host "Cluster Username"),$(Read-Host "Cluster Password" -AsSecureString))

$CLUSTER = "10.0.1.70"
Add-NcCredential -Name $CLUSTER -Credential $ClusterCredential
Connect-NcController $CLUSTER

$DomainCredential = New-Object System.Management.Automation.PsCredential($(Read-Host "Domain Username"),$(Read-Host "Domain Password" -AsSecureString))

Add-NcCifsServer -VserverContext SVM1 -Name SVM1 -Domain lab.priv -AdminCredential $DomainCredential -Force


Image: Example Output (note the domain username is administrator@lab.priv)

And for subsequent CIFS Server domain joins, you can just copy and paste a script of PowerShell commands into PowerShell>


Add-NcCifsServer -VserverContext SVM2 -Name SVM2 -Domain lab.priv -AdminCredential $DomainCredential -Force
Add-NcCifsServer -VserverContext SVM3 -Name SVM3 -Domain lab.priv -AdminCredential $DomainCredential -Force
Add-NcCifsServer -VserverContext SVM4 -Name SVM4 -Domain lab.priv -AdminCredential $DomainCredential -Force


And on…

BONUS UPDATE: CIFS Server domain re-joins in PowerShell

If you want to rename the CIFS server (re-join AD with a new AD Machine Account), the PowerShell is like below (where SVM1 is the new CIFS server name - might have been SVM1-TEMP before):


set-nccifsserver -VserverContext SVM1 -AdministrativeStatus down -Domain lab.priv -AdminCredential $DomainCredential
set-nccifsserver -VserverContext SVM1 -CifsServer SVM1 -Domain lab.priv -AdminCredential $DomainCredential -Force


Comments

  1. I truly value this superb post that you have accommodated us. I guarantee this would be helpful for a large portion of the general population. https://serverbrowse.com/

    ReplyDelete
  2. Right humans speeches must seat as well as memorialize around the groom and bride. Beginer sound system around rowdy locations should always not forget currently the glowing leadership of a speaking, which is one’s boat. best man speeches brother front end development company

    ReplyDelete
  3. I'm constantly searching on the internet for posts that will help me. Too much is clearly to learn about this. I believe you created good quality items in Functions also. Keep working, congrats! https://serverbrowse.com/

    ReplyDelete
  4. This particular papers fabulous, and My spouse and i enjoy each of the perform that you have placed into this. I’m sure that you will be making a really useful place. I has been additionally pleased. Good perform! namecheap domain

    ReplyDelete

Post a comment