Try SpotterManage SMB shares on PowerScale Storage System. You can perform these operations
| "added in version" 1.2.0 of dellemc.powerscale"
Authors: Arindam Datta (@dattaarindam) <ansible.team@dell.com>, Trisha Datta (@Trisha-Datta) <ansible.team@dell.com>
Install with ansible-galaxy collection install dellemc.powerscale:==3.0.0
collections:
- name: dellemc.powerscale
version: 3.0.0Managing SMB share on PowerScale.
Create a new SMB share.
Modify an existing SMB share.
Get details of an existing SMB share.
Delete an existing SMB share.
- name: Create SMB share for non system access zone
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
path: "<path>"
access_zone: "{{non_system_access_zone}}"
state: "present"
- name: Create SMB share for system access zone
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
path: "{{system_az_path}}"
description: "{{description}}"
create_path: false
allow_variable_expansion: true
auto_create_directory: true
continuously_available: true
file_filter_extension:
extensions:
- "sample_extension_1"
type: "allow"
state: "present-in-share"
file_filtering_enabled: true
ca_timeout:
value: 60
unit: "minutes"
strict_ca_lockout: true
smb3_encryption_enabled: true
ca_write_integrity: "write-read-coherent"
change_notify: "all"
oplocks: true
impersonate_guest: "never"
impersonate_user: "sample_user"
host_acls:
- name: "sample_host_acl_1"
access_type: "allow"
- name: "sample_host_acl_2"
access_type: "deny"
state: "present"
- name: Create SMB share for system access zone
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
path: "<system_az_path>"
description: "{{description}}"
permissions:
- user_name: "{{system_az_user}}"
permission: "full"
permission_type: "allow"
- group_name: "{{system_az_group}}"
permission: "read"
permission_type: "allow"
- wellknown: "everyone"
permission: "read"
permission_type: "allow"
state: "present"
- name: Modify multiple params for an existing SMB share
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
path: "/ifs"
allow_variable_expansion: false
auto_create_directory: false
file_filter_extension:
extensions:
- 'sample_extension_2'
type: "allow"
state: "absent-in-share"
file_filtering_enabled: true
ca_timeout:
value: 15
unit: "minutes"
strict_ca_lockout: false
change_notify: "norecurse"
oplocks: false
impersonate_guest: "always"
impersonate_user: "new_user_2"
host_acls:
- name: "sample_host_acl_1"
access_type: "deny"
- name: "sample_host_acl_2"
access_type: "allow"
state: "present"
- name: Modify user permission for SMB share
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
path: "<system_az_path>"
description: "{{description}}"
permissions:
- user_name: "{{system_az_user}}"
permission: "full"
permission_type: "allow"
- group_name: "{{system_az_group}}"
permission: "write"
permission_type: "allow"
- wellknown: "everyone"
permission: "write"
permission_type: "deny"
state: "present"
- name: Delete system access zone SMB share
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
state: "absent"
- name: Get SMB share details
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
state: "present"
- name: Create SMB share for non system access zone
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
path: "<non_system_az_path>"
access_zone: "{{non_system_access_zone}}"
description: "{{description}}"
permissions:
- user_name: "{{non_system_az_user}}"
permission: "full"
permission_type: "allow"
- group_name: "{{non_system_az_group}}"
permission: "read"
permission_type: "allow"
- wellknown: "everyone"
permission: "read"
permission_type: "allow"
state: "present"
- name: Modify description for an non system access zone SMB share
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
access_zone: "{{non_system_access_zone}}"
description: "new description"
state: "present"
- name: Modify name for an existing non system access zone SMB share
dellemc.powerscale.smb:
onefs_host: "{{onefs_host}}"
verify_ssl: "{{verify_ssl}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
share_name: "{{name}}"
new_share_name: "{{new_name}}"
access_zone: "{{non_system_access_zone}}"
description: "new description"
state: "present"
path:
description:
- The path of the SMB share. This parameter will be mandatory only for the create
operation. This is the absolute path for System Access Zone and the relative path
for non-System Access Zone.
type: str
state:
choices:
- absent
- present
description:
- Defines whether the SMB share should exist or not.
required: true
type: str
oplocks:
description:
- Support oplocks.
type: bool
port_no:
default: '8080'
description:
- Port number of the PowerScale cluster.It defaults to 8080 if not specified.
required: false
type: str
api_user:
description:
- username of the PowerScale cluster.
required: true
type: str
browsable:
description:
- Share is visible in net view and the browse list.
type: bool
host_acls:
description:
- An ACL expressing which hosts are allowed access. A deny clause must be the final
entry.
elements: dict
suboptions:
access_type:
description:
- The access type of the host ACL.
required: true
type: str
name:
description:
- Name of the host ACL.
required: true
type: str
type: list
ca_timeout:
description:
- Continuosly available timeout for the SMB share.
suboptions:
unit:
choices:
- seconds
- minutes
- hours
default: seconds
description:
- Unit of the I(ca_timeout).
type: str
value:
description:
- Persistent open timeout for the share.
type: int
type: dict
onefs_host:
description:
- IP address or FQDN of the PowerScale cluster.
required: true
type: str
share_name:
description:
- The name of the SMB share.
required: true
type: str
verify_ssl:
choices:
- true
- false
description:
- boolean variable to specify whether to validate SSL certificate or not.
- C(true) - indicates that the SSL certificate should be verified.
- C(false) - indicates that the SSL certificate should not be verified.
required: true
type: bool
access_zone:
default: System
description:
- Access zone which contains this share. If not specified it will be considered as
a System Access Zone.
- For a non-System Access Zone the effective path where the SMB is created will be
determined by the base path of the Access Zone and the path provided by the user
in the playbook.
- For a System Access Zone the effective path will be the absolute path provided by
the user in the playbook.
type: str
create_path:
description:
- Create path if does not exist.
type: bool
description:
description:
- Description of the SMB share.
type: str
permissions:
description:
- Specifies permission for specific user, group, or trustee. Valid options read, write,
and full.
- This is a list of dictionaries. Each dictionry entry has 3 mandatory values as listed
below.
- 1)I(user_name)/I(group_name)/I(wellknown) can have actual name of the trustee like
C(user)/C(group)/C(wellknown).
- 2)I(permission) can be C(read)/'C(write)/C(full).
- 3)I(permission_type) can be C(allow)/C(deny).
- The fourth entry I(provider_type) is optional (default is C(local)).
- 4)I(provider_type) can be C(local)/C(file)/C(ads)/C(ldap)/C(nis).
elements: dict
type: list
api_password:
description:
- the password of the PowerScale cluster.
required: true
type: str
change_notify:
choices:
- all
- norecurse
- none
description:
- Level of change notification alerts on the share.
type: str
new_share_name:
description:
- The new name of the SMB share.
type: str
file_create_mask:
description:
- File creates mask bits. Octal value for owner, group, and others against read, write,
and execute.
type: str
file_create_mode:
description:
- File creates mode bits. Octal value for owner, group, and others against read, write,
and execute.
type: str
impersonate_user:
description:
- User account to be used as guest account.
type: str
ntfs_acl_support:
description:
- Support NTFS ACLs on files and directories.
type: bool
impersonate_guest:
choices:
- always
- never
- bad_user
description:
- Specify the condition in which user access is done as the guest account.
type: str
strict_ca_lockout:
description:
- Specifies if persistent opens would do strict lockout on the share.
type: bool
ca_write_integrity:
choices:
- none
- full
- write-read-coherent
description:
- Specify the level of write-integrity on continuously available shares.
type: str
auto_create_directory:
description:
- Automatically create home directories.
type: bool
directory_create_mask:
description:
- Directory creates mask bits. Octal value for owner, group, and others against read,
write, and execute.
type: str
directory_create_mode:
description:
- Directory creates mode bits. Octal value for owner, group, and others against read,
write, and execute.
type: str
file_filter_extension:
description:
- Details of file filter extensions.
suboptions:
extensions:
description:
- Specifies the list of file extensions.
elements: str
type: list
state:
choices:
- present-in-share
- absent-in-share
description:
- State of the file filter extensions.
type: str
type:
choices:
- allow
- deny
default: deny
description:
- Specifies if filter list is for C(deny) or C(allow). Default is C(deny).
type: str
type: dict
continuously_available:
description:
- Specify if persistent opens are allowed on the share.
type: bool
file_filtering_enabled:
description:
- Enables file filtering on this zone.
type: bool
smb3_encryption_enabled:
description:
- Enables SMB3 encryption for the share.
type: bool
access_based_enumeration:
description:
- Only enumerates files and folders for the requesting user has access to.
type: bool
allow_variable_expansion:
description:
- Allow automatic expansion of variables for home directories.
type: bool
access_based_enumeration_root_only:
description:
- Access-based enumeration on only the root directory of the share.
type: bool
changed:
description: A boolean indicating if the task had to make changes.
returned: always
sample: 'false'
type: bool
smb_details:
contains:
browsable:
description: Share is visible in net view and the browse list
type: bool
description:
description: Description of the SMB Share
type: str
directory_create_mask:
description: Directory create mask bit for SMB Share
type: int
directory_create_mask(octal):
description: Directory create mask bit for SMB Share in octal format
type: str
directory_create_mode:
description: Directory create mode bit for SMB Share
type: int
directory_create_mode(octal):
description: Directory create mode bit for SMB Share in octal format
type: str
file_create_mask:
description: File create mask bit for SMB Share
type: int
file_create_mask(octal):
description: File create mask bit for SMB Share in octal format
type: str
file_create_mode:
description: File create mode bit for SMB Share
type: int
file_create_mode(octal):
description: File create mode bit for SMB Share in octal format
type: str
id:
description: Id of the SMB Share
type: str
name:
description: Name of the SMB Share
type: str
path:
description: Path of the SMB Share
type: str
permission:
description: permission on the of the SMB Share for user/group/wellknown
type: list
description: Details of the SMB Share.
returned: always
sample:
shares:
- access_based_enumeration: false
access_based_enumeration_root_only: false
allow_delete_readonly: false
allow_execute_always: false
allow_variable_expansion: false
auto_create_directory: false
browsable: true
ca_timeout: 900
ca_write_integrity: write-read-coherent
change_notify: norecurse
continuously_available: true
create_permissions: default acl
csc_policy: manual
description: smb description updated
directory_create_mask: 448
directory_create_mask(octal): '700'
directory_create_mode: 0
directory_create_mode(octal): '0'
file_create_mask: 448
file_create_mask(octal): '700'
file_create_mode: 64
file_create_mode(octal): '100'
file_filter_extensions:
- sample_extension_1
file_filter_type: allow
file_filtering_enabled: true
hide_dot_files: false
host_acl:
- 'deny: sample_host_acl_1'
- 'allow: sample_host_acl_2'
id: test_sample_smb
impersonate_guest: always
impersonate_user: new_user_2
inheritable_path_acl: false
mangle_byte_start: 60672
mangle_map:
- 0x01-0x1F:-1
- 0x22:-1
- 0x2A:-1
- 0x3A:-1
- 0x3C:-1
- 0x3E:-1
- 0x3F:-1
- 0x5C:-1
name: test_sample_smb
ntfs_acl_support: true
oplocks: false
path: VALUE_SPECIFIED_IN_NO_LOG_PARAMETER
permissions:
- permission: read
permission_type: allow
trustee:
id: SID:S-1-1-0
name: Everyone
type: wellknown
run_as_root: []
smb3_encryption_enabled: false
sparse_file: false
strict_ca_lockout: false
strict_flush: true
strict_locking: false
zid: 1
type: complex