Isilon OneFS Version 7.0.1 Platform API Reference
Dec 24, 2015
IsilonOneFSVersion 7.0.1
Platform API Reference
Published December, 2012
Copyright © 2001 - 2012 EMC Corporation. All rights reserved.
EMC believes the information in this publication is accurate as of its publication date. The information is subject to changewithout notice.
The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind withrespect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for aparticular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicablesoftware license.
EMC², EMC, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and othercountries. All other trademarks used herein are the property of their respective owners.
For the most up-to-date product documentation, go to the Isilon Customer Support Center.
EMC CorporationHopkinton, Massachusetts 01748-91031-508-435-1000 In North America 1-866-464-7381www.EMC.com
2 OneFS 7.0.1 Platform API Reference
Introduction to the Platform API 7
API architecture ..............................................................................................8HTTP methods...........................................................................................8Interaction patterns..................................................................................8Platform API self-documentation.............................................................11
Access Control..............................................................................................12HTTP Basic Authentication......................................................................12Configure a session cookie.....................................................................12
Platform API session resource 15
Create a session............................................................................................16Send a request using a session cookie..........................................................16Get information about the current session.....................................................16Log out of a session......................................................................................16
Authentication resources 19
Auth user security token resource..................................................................20Auth groups resource....................................................................................21Auth groups members resource.....................................................................22Auth users resource......................................................................................23Auth users member of resource.....................................................................24Auth netgroups resource...............................................................................25Auth mapping users rules resource...............................................................25Auth mapping users lookup resource............................................................26Auth providers summary resource.................................................................26Auth ADS providers resource.........................................................................27Auth ADS providers domains resource...........................................................29Auth ADS providers controllers resource........................................................30Auth ADS providers search resource..............................................................31Auth file providers resource...........................................................................32Auth LDAP providers resource.......................................................................34Auth local providers resource........................................................................37Auth NIS providers resource..........................................................................39Auth roles resource.......................................................................................41Auth roles members resource........................................................................42Auth roles privileges resource.......................................................................42Auth global settings resource........................................................................43Auth shells resource......................................................................................44Auth wellknowns resource.............................................................................45Persona properties........................................................................................45Privilege properties.......................................................................................45Groups properties.........................................................................................46Users properties............................................................................................46Domain properties........................................................................................48Option properties..........................................................................................48Roles properties............................................................................................48
Chapter 1
Chapter 2
Chapter 3
CONTENTS
OneFS 7.0.1 Platform API Reference 3
NFS resources 49
NFS exports summary resource......................................................................50NFS export resource......................................................................................50NFS NLM locks resource................................................................................51NFS NLM lock waiters resource......................................................................52NFS NLM sessions resource...........................................................................53NFS default export settings resource.............................................................53NFS global settings resource.........................................................................56NFS exports configuration check resource.....................................................57NFS reload resource......................................................................................57NFS export properties....................................................................................58NLM locks properties.....................................................................................61NLM waiter properties...................................................................................61NLM session properties.................................................................................62NFS map properties.......................................................................................62
SMB resources 63
SMB shares summary resource.....................................................................64SMB shares resource.....................................................................................64SMB open files resource................................................................................65SMB sessions resource.................................................................................66SMB share settings resource.........................................................................67SMB global settings resource........................................................................69Share properties...........................................................................................70Run as root properties...................................................................................72Permissions properties..................................................................................73Trustee properties.........................................................................................73Open files properties.....................................................................................73Sessions properties......................................................................................73
Quota resources 75
Quota license resource..................................................................................76Quota summary resource..............................................................................76Quotas resource............................................................................................77Quota quotas notification rules resource.......................................................78Quota reports resource..................................................................................79Quota about reports resource........................................................................81Quota report settings resource......................................................................81Quota default notifications rules resource.....................................................82Quota mappings settings resource................................................................83Quotas properties.........................................................................................84Persona properties........................................................................................85Usage properties...........................................................................................86Threshold properties.....................................................................................86
Snapshot resources 87
Snapshot license resource............................................................................88Snapshot summary resource.........................................................................88Snapshots resource......................................................................................89Snapshot schedules resource.......................................................................90Snapshot locks resource...............................................................................91Snapshot pending resource...........................................................................92
Chapter 4
Chapter 5
Chapter 6
Chapter 7
CONTENTS
4 OneFS 7.0.1 Platform API Reference
Snapshot settings resource...........................................................................93Snapshot properties......................................................................................94Schedules properties....................................................................................95Lock properties.............................................................................................95Pending properties........................................................................................95
Zones resources 97
Zones summary resource..............................................................................98Zones resource..............................................................................................98Zone persona properties...............................................................................99
Chapter 8
CONTENTS
OneFS 7.0.1 Platform API Reference 5
CONTENTS
6 OneFS 7.0.1 Platform API Reference
CHAPTER 1
Introduction to the Platform API
The Isilon OneFS Platform API provides access to cluster configuration, management, andmonitoring functionality through an HTTP-based interface that conforms to the principlesof Representation State Transfer (REST) architecture. Through this interface, clusteradministrators can develop clients and software to automate the management andmonitoring of their EMC Isilon storage systems.
The Platform API represents system configuration and status information through objectsand collections of objects. These objects and collections are exposed as resources,which are represented by Uniform Resource Identifiers (URIs). Resources are manipulatedusing standard HTTP methods (GET, POST, PUT, and DELETE). The representations ofobjects and collections are exchanged between client software and the cluster asJavaScript Object Notation (JSON) formatted documents.
You must have a solid understanding of HTTP/1.1, RFC2616 and experiencewriting HTTP-based client software before you can implement the Platform API.
The following table provides definitions for terms that are relevant to understanding thePlatform API.
Object An object is a logical grouping of systemconfiguration data. An object can be created byusers or an object can be a global setting on thesystem.
For example, a user-created object can be a filesystem snapshot, quota, share, export, blockstorage target, logical unit, sync policy, jobimpact policy, and so on.
An object can also be a system global settingsuch as job engine settings, default sharesettings, HTTP server settings, snapshotsubsystem settings, and so on.
Collection A collection represents a group of the same orsimilar types of objects. For example, all of theuser-defined quotas in the system make up acollection of quotas.
Resource A resource is an object, collection, or dataprocessing facility that is accessible by a URIthrough the Platform API.
u API architecture ......................................................................................................8u Access Control......................................................................................................12
Introduction to the Platform API 7
API architectureThe Platform API URIs and HTTP methods are organized into patterns that provide supportfor manipulating objects and collections.
Much of cluster administration involves reading, creating, modifying, and deletingconfiguration information. Typically, configuration information is arranged into groups ofrelated settings and properties called objects; similar objects are further organized intocollections.
A system object represents global system configuration information and is not part of acollection. A user object represents configurations that are defined by users; theseobjects are typically organized into a collection.
HTTP methodsYou can perform operations by applying HTTP methods to resource URIs.
The Platform API only implements the HTTP methods defined by RFC 2616, with thefollowing distinctions:u The POST method is generally used to create resources.
u The PUT method enables partial modification of a resource through partialrepresentation.
u The PUT and POST methods do not return full resource entity bodies upon success.
u The POST method returns a document indicating the success of the request and thelocation of the created resource.
Interaction patternsYou can interact with the system configuration by applying HTTP methods to resourceURIs according to a set of usage patterns.
u The Platform API supports a maximum URI length of 8,198 characters.
u When making multiple changes to the Platform API, it is recommended that userssend all requests to a single node to avoid potential configuration collisions.
Read a system objectYou can directly manipulate configuration objects where the object has a uniqueidentifier; the identifier is the URL that represents the direct path to that object.
Pattern:
GET /<resource-version>/<namespace>/<object-id>
Request:
GET /<resource-version>/<namespace>/<object-id>
Response:Content-Type: application/json{"<object>": { "<property>": <value>, ... }}
Introduction to the Platform API
8 OneFS 7.0.1 Platform API Reference
Modify a system objectYou can partially modify objects by allowing the client to send a partial representation ofthe properties. Only the properties included in the representation are modified on theresource, which leaves all other unspecified properties in their current state.
Pattern: PUT /<resource-version>/<namespace>/<object-id>Request:
PUT /<resource-version>/<namespace>/<object-id> Content-Type: application/json{ "<property>": <value> ...}
Response:{Standard JSON success or error response}
Read an entire collectionYou can read all of the objects in a collection through the GET method.
Pattern:
GET /<resource-version>/<namespace>/<collection-name>
Request:
GET /<resource-version>/<namespace>/<collection-name>
Response:Content-Type: application/json{ "<collection>": [ "<property>": <value> ... ]}
Read an object from a collectionYou can read individual objects in a collection through the GET method. The pattern toread an individual object in a collection is the same as the pattern to read a systemobject, with the addition of a collection name in the URI.
Pattern:
GET <resource-version>/<namespace>/<collection-name>/<object-id>
Request:
GET /<resource-version>/<namespace>/<collection-name>/<object-id>
Response:Content-Type: application/json { "<collection>": [ "<property>": <value> ... ]}
Introduction to the Platform API
Interaction patterns 9
Create an object in a collectionYou can create an object in a collection through the POST method. The systemdetermines the final URI where the new object is located.
Pattern:
POST /<resource-version>/<namespace>/<collection-name>
Request:
POST /<resource-version>/<namespace>/<collection-name> Content-Type: application/json{ "<property>": <value>, ...}
Response:Location:/<resource-version>/<namespace>/<collection-name>/<new-object-id>
Content-Type: application/json {Standard JSON success or error response}
Modify an object in a collectionYou can modify an object in a collection through the PUT method. The pattern to modifyan object in a collection is the same as the pattern to modify a system object, with theaddition of a collection name in the URI.
Pattern:
PUT /<resource-version>/<namespace>/<collection-name>/<object-id>
Request:
PUT /<resource-version>/<namespace>/<collection-name>/<object-id>
Content-Type: application/json{ "parameter_name": <value> ...}
Response:{Standard JSON success or error response}
Delete an object from a collectionYou can delete an object from a collection through the DELETE method.
Pattern:
DELETE /<resource-version>/<namespace>/<collection-name>/<object>
Request:
DELETE /<resource-version>/<namespace>/<collection-name>/<object-id>
Response:{Standard JSON success or error response}
Introduction to the Platform API
10 OneFS 7.0.1 Platform API Reference
Filter a collectionYou can apply a filter to a collection and retrieve objects from the collection that matchessome common criteria.
Pattern: GET /<resource-version>/<namespace>/<collection-name>?<parameter_name> =<match-pattern>&...Request:
GET /<resource-version>/<namespace>/<collection-name>?<parameter_name>=<match-pattern>&...
Response:Content-Type: application/json {"count": <integer>,"<collection-name>": [ { "<parameter-name>": <matched-value>, ... }, ... ]}
Platform API self-documentationThe Platform API contains detailed self-documentation about API resources, including URIdescriptions, query arguments, allowable HTTP methods, and the request and responseJSON representation structures that are available.
You can access the Platform API self-documentation by sending a GET request to anyresource URI with the describe query parameter appended to the end of the URI. The self-documentation text available for that resource is returned.
For example, to obtain self-documentation for the quotas resource, send the followingrequest:
GET /platform/1/quota/quotas?describe
You can retrieve a list of all of the resources by appending list and all options to thedescribe query parameter.
For example, to return a list of all resource paths for snapshots, send the followingrequest:
GET /platform/1/snapshot/snapshots?describe&list&all HTTP_RESULT 200 { "directory": [ "/1/snapshot/snapshots/<SID>", "/1/snapshot/snapshots/<SID>/locks", "/1/snapshot/snapshots/<SID>/locks/<LID>" ] }
You can obtain the JSON schemas that are included in the self-documentation by sendinga GET request to any resource URI with the query parameters describe and json appendedto the end of the URI.
For example, to obtain the JSON-formatted schemas for the quotas resource, send thefollowing request:
GET /platform/1/quota/quotas?describe&json
Introduction to the Platform API
Platform API self-documentation 11
If you include any values for either the describe or json parameters, the values areignored.
The JSON-formatted schema documents conform to RFC draft-zyp-json-schema-03.
Access ControlYou can access the Platform API resources through the HTTPS protocol on TCP port 8080.All Platform API resources are provided under a top-level /platform URI path that isavailable on all nodes in the cluster.
Resources are accessed through the following pattern:
https://<cluster-ip-or-host-name>:8080/<resource-uri>.
Access to Platform API resources requires user authentication and authorization. ThePlatform API uses role-based access control; users can only access resources for whichthey have privileges.
Users can authenticate to the Platform API either through HTTP Basic Authentication (asdefined by RFC 2617) or with a session, which is obtained through the Platform APIsession resource.
HTTP Basic Authentication requires more system processing resources and is slower thanauthenticating with a session cookie. For multiple requests over a period of time, it isrecommended that you create a session cookie.
HTTP Basic AuthenticationYou can authenticate to the Platform API through HTTP Basic Authentication. With HTTPBasic Authentication, you must create a standard Authorization header and send therequest to the server with a valid username and password. If your username andpassword are authenticated by the server, you are able to access that resource.
The following example shows a sample HTTP Basic Authentication request.
GET /platform/1/protocols/nfs/exports HTTP/1.1Host: onefs.cluster.hostnameAuthorization: Basic QWxhZGRpbjpvcGVuIHN1c2FtZQ==
HTTP Basic Authentication conforms to RFC 2617, section 2.
Configure a session cookieYou can configure a session cookie by sending credentials to a session service resource,which responds with a Set-Cookie header. The Set-Cookie header contains anauthentication token that can then be sent to the Platform API on subsequent requests toprovide immediate authentication. Effectively, the Platform API creates a statelesssession on the cluster, which maintains the authenticated state for a period of time.
Session cookies are specific to a single node; all requests must be made to the samenode from which the session cookie was obtained.
HTTP Set-Cookie and Cookie headers conform to RFC 6265.
1. Create a JSON entity body, including the username, password, and any otherauthentication information.
2. Create a session entity through the POST method.POST <JSON entity> /platform/session/1/sessions
Introduction to the Platform API
12 OneFS 7.0.1 Platform API Reference
If the server validates the username and password, the server responds with a Set-Cookie header. Otherwise, the server responds with an error document.
3. Obtain the isisessid value from the Set-Cookie header.
4. Include the Cookie: <isisessid> header in all future Platform API requests to thatnode.
Introduction to the Platform API
Configure a session cookie 13
Introduction to the Platform API
14 OneFS 7.0.1 Platform API Reference
CHAPTER 2
Platform API session resource
You can set a session cookie for extended authentication on a single node.
Object parametersThere are no parameters for this resource.
Object properties
Property Type Description
username string Provides the username requesting access to the cluster.
password string Provides the password for the username requesting accessto the cluster.
services array Provides a list of Platform API services to obtain access to.
timeout_absolute integer Provides the number of seconds before the session expires.
timeout_inactive integer Provides the number of seconds of inactivity before thesession expires.
u Create a session....................................................................................................16u Send a request using a session cookie..................................................................16u Get information about the current session.............................................................16u Log out of a session..............................................................................................16
Platform API session resource 15
Create a sessionYou can create a session and extend your authentication to a node for multiple requestsover a period of time.
Request:
POST /session/1/session
{ "username": "<string>", "password": "<string>", "services": ["<string>"] }
If the credentials validate, the following steps occur.
1. The server responds by sending the Set-Cookie: header with an isisessid value.
2. The client parses the cookie according to the RFC standards.
3. A pre-authenticated session is created on the node where the POST command wasexecuted, and the client can send a Cookie: isisessid header for access instead ofa basic HTTP authentication header.
If the credentials are not valid on the server, the server responds with an error message.
Send a request using a session cookieAfter a session cookie is created, the isisessid value authenticates future requests.
Request:
Send the GET request to any Platform API resource with a Cookie: header and a setisisessid value. No WWW-AUTHENTICATE header is needed.
Response:
If the server validates the credentials, the server grants access and processes therequest.
If the server does not validate the credentials, the server responds with an error message.
Get information about the current sessionYou can send a request to the server for information about the current session.
Request:
GET /session/1/session?isisessid
Response:
If the server validates the credentials, the JSON document used to create the session isreturned.
"username": <string>"services": [<string>, ...] "timeout_absolute": <int>, "timeout_inactive": <int>
If the server does not validate the credentials, the server responds with an error message.
Log out of a sessionYou can manually delete a session cookie if you no longer need to stay authenticated to anode. Session cookies are configured to expire automatically after a period of inactivity
Platform API session resource
16 OneFS 7.0.1 Platform API Reference
(the default setting is 900 seconds) or after an absolute period of time (the defaultsetting is 14400 seconds).
Request:
DELETE /session/1/session?isisessid
Response:
If the server validates the credentials, the session value is no longer valid for futurerequests.
If the server does not validate the credentials, the server responds with an error message.
Platform API session resource
Log out of a session 17
Platform API session resource
18 OneFS 7.0.1 Platform API Reference
CHAPTER 3
Authentication resources
These resources allow users to retrieve, create, modify, or delete authenticationproviders, users, groups, and other configurations and settings.
u Auth user security token resource..........................................................................20u Auth groups resource............................................................................................21u Auth groups members resource.............................................................................22u Auth users resource..............................................................................................23u Auth users member of resource.............................................................................24u Auth netgroups resource.......................................................................................25u Auth mapping users rules resource.......................................................................25u Auth mapping users lookup resource....................................................................26u Auth providers summary resource.........................................................................26u Auth ADS providers resource.................................................................................27u Auth ADS providers domains resource...................................................................29u Auth ADS providers controllers resource................................................................30u Auth ADS providers search resource......................................................................31u Auth file providers resource...................................................................................32u Auth LDAP providers resource...............................................................................34u Auth local providers resource................................................................................37u Auth NIS providers resource..................................................................................39u Auth roles resource...............................................................................................41u Auth roles members resource................................................................................42u Auth roles privileges resource...............................................................................42u Auth global settings resource................................................................................43u Auth shells resource..............................................................................................44u Auth wellknowns resource.....................................................................................45u Persona properties................................................................................................45u Privilege properties...............................................................................................45u Groups properties.................................................................................................46u Users properties....................................................................................................46u Domain properties................................................................................................48u Option properties..................................................................................................48u Roles properties....................................................................................................48
Authentication resources 19
Auth user security token resourceThis resource applies the standard system object pattern to the currently authenticatedsecurity token.
Operation Method and URI- -Get the security token for the currentlyauthenticated user
GET /platform/1/auth/id
View the detailed JSON schema for the usersecurity token
GET /platform/1/auth/id?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
additional_id persona on page45
Properties for an additional ID.
gid persona on page45
Properties for the currently authenticatedprimary group ID for the user.
group_sid persona on page45
Properties for the currently authenticatedprimary group security ID for the user.
ifs_restricted Boolean Indicates if this user has restricted access tothe /ifs file system.
local_address string Provides the IP address of the node that isservicing the request.
on_disk_group_id persona on page45
Properties for the group ID that is stored ondisk for the authenticated user.
on_disk_user_id persona on page45
Properties for the user ID that is stored on diskfor the authenticated user.
privilege privilege on page45
Properties for the privileges granted to theauthenticated user.
protocol integer The protocol that is responsible for thecreation of the token, such as NFS or FTP.
remote_address string The IP address of the client requesting theinformation.
uid persona on page45
Properties for the currently authenticated userID.
user_sid persona on page45
Properties for the currently authenticatedsecurity ID for the user.
zid integer Provides the zone ID that is serving therequest.
Authentication resources
20 OneFS 7.0.1 Platform API Reference
Property Type Description
zone_id string Provides the name of the zone that is servingthe request.
Auth groups resourceThis resource applies the standard collection pattern to groups.
Operation Method and URI- -Get all groups GET /platform/1/auth/groups
Flush the groups cache DELETE /platform/1/auth/groups
Get a group GET /platform/1/auth/groups/<group-id>
Create a group POST /platform/1/auth/groups
Modify a group PUT /platform/1/auth/groups/<group-id>
Delete a group DELETE /platform/1/auth/groups/<group-id>
View the detailed JSON schema for anauthentication group
GET /platform/1/auth/groups?describe
Query parameterscached
If true, only return cached objects.
domain
Filter groups by domain.
filter
Filter groups by name prefix.
provider
Filter groups by provider.
query_member_of
Enumerate all groups that a group is a member of.
resolve_names
Resolve names of a persona.
zone
Filter groups by zone.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from the previous request (cannot be used with otherparameters).
Authentication resources
Auth groups resource 21
Object properties
Property Type Type
total string Provides the total number of groups to display.
resume string Provides the value for the resume argument used forcontinuation requests.
groups groups on page 46 Properties for groups.
Auth groups members resourceThis resource applies the standard collection pattern to members of a group.
Operation Method and URI- -Get the members of a group GET /platform/1/auth/groups/
<group-id>/members
Add a member to a group POST /platform/1/auth/groups/<group-id>/members
Remove a member from a group DELETE /platform/1/auth/groups/<group-id>/members/<persona-id>
View the detailed JSON schema for themembers of an authentication group
GET /platform/1/auth/groups/<group-id>/members?describe
Query parametersprovider
Filter groups by the provider.
resolve_names
Resolve the name of a persona.
zone
Filter groups by zone.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from the previous request (cannot be used with otherparameters).
Object properties
Property Type Description
resume string Provides the value for the resume argument to be usedfor continuation requests.
id string Provides the system ID given to the new member of thegroup. In a POST request, this value is the ID that refers tothe item in the collection item resource path.
Authentication resources
22 OneFS 7.0.1 Platform API Reference
Property Type Description
members persona on page45
Properties for users or groups that have this role.
Auth users resourceThis resource applies the standard collection pattern to users.
Operation Method and URI- -Get all users GET /platform/1/auth/users
Get one user GET /platform/1/auth/users/<user-id>
Modify a user PUT /platform/1/auth/users/<user-id>
Create a user POST /platform/1/auth/users
Flush the users cache DELETE /platform/1/auth/users
Delete a user DELETE /platform/1/auth/users/<user-id>
View the detailed JSON schema forauthentication users
GET /platform/1/auth/users?describe
Query parameterscached
If true, only return cached objects.
domain
Filter users by domain.
filter
Filter users by name prefix.
provider
Filter users by provider.
query_member_of
Enumerate all users that a group is a member of.
resolve_names
Resolve names of personas.
zone
Filter users by zone.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from the previous request (cannot be used with otherparameters).
Authentication resources
Auth users resource 23
Object properties
Property Type Description
total integer Provides the total number of users.
resume string Provides the value for the resume argument used forcontinuation requests.
users users on page 46 Properties for authenticating users.
Auth users member of resourceThis resource applies the standard collection pattern to groups that a user is a memberof.
Operation Method and URI- -Get the groups that a user is a member of GET /platform/1/auth/users/<user-
id>/member_of
Add a group membership for a user POST /platform/1/auth/users/<user-id>/member_of
Remove a group membership from a user DELETE /platform/1/auth/users/<user-id>/member_of/<persona-id>
View the detailed JSON schema forauthentication users members_of
GET /platform/1/auth/users/<user-id>/member_of?describe
Query parametersprovider
Filters groups by provider.
resolve_names
Resolves the names of personas.
zone
Filters groups by zone.
resume
Continues returning results from the previous call (cannot be used with otheroptions).
Object properties
Property Type Description
resume string Provides the value for the resume argument to beused for continuation requests.
member_of persona on page45
Properties for each group the user is a member of.
Authentication resources
24 OneFS 7.0.1 Platform API Reference
Auth netgroups resourceThis resource applies the standard collection pattern to individual members ofnetgroups.
Operation Method and URI- -Get the members of a netgroup GET /platform/1/auth/netgroups/
<netgroup>
View the detailed JSON schema forauthentication netgroups
GET /platform/1/auth/netgroups/<netgroup>?describe
Query parametersprovider
Filter users by provider.
recursive
Perform recursive searches.
ignore_errors
Ignore netgroup errors.
zone
Filter users by zone.
Object properties
Property Type Description
domainname string Provides the domain for which the netgroup is valid.
hostname string Provides the host that is valid for this netgroup.
netgroup string Provides the name of the netgroup.
username string Provides the user who is valid for this netgroup.
Auth mapping users rules resourceThis resource returns the rules for user mapping.
Operation Method and URI- -Get the user mapping rules GET /platform/1/auth/mapping/
users/rules
Replace all user mapping rules PUT /platform/1/auth/mapping/users/rules
View the detailed JSON schema forauthentication mapping users rules
GET /platform/1/auth/mapping/users/rules?describe
Query parameterszone
The zone that the rules apply to.
Authentication resources
Auth netgroups resource 25
Object properties
Property Type Description
default_unix_user domain on page 48 Provides the properties for a default UNIXuser. Requires a token to have both aprimary UID and GID.
options options on page 48 Properties for options.
user1 domain on page 48 Properties for the primary user.
user2 domain on page 48 Properties for the secondary user.
Auth mapping users lookup resourceThis resource enables user look ups.
Operation Method and URI- -Lookup a user through the user mapper GET /platform/1/auth/mapping/
users/lookup
View the detailed JSON schema forauthentication mapping users lookup
GET /platform/1/auth/mapping/users/lookup?describe
Query parametersuser
The user to lookup.
zone
The name of the zone that is serving the request.
uid
The system generated user ID.
gid
The system generated group ID.
primary_gid
The primary group ID.
Object properties
Property Type Description
mapping user on page 46 Properties for user look ups.
Auth providers summary resourceThis resource returns summary information for authentication providers.
Operation Method and URI- -Get the authentication providers summary GET /platform/1/auth/providers/
summary
Authentication resources
26 OneFS 7.0.1 Platform API Reference
Operation Method and URI- -View the detailed JSON schema forauthentication providers summary
GET /platform/1/auth/providers/summary?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id string Provides the ID of the provider.
active_server string Provides the server that the provider serves authenticationrequests with. Null if no server is set or is not applicable for thatprovider.
forest string Provides the Active Directory forest. Null if not applicable.
site string Provides the Active Directory site name. Null if not applicable.
name string Provides the name of the provider.
status string Indicates the online and active state of the provider.
type string Provides the type of the provider.
Auth ADS providers resourceThis resource applies the standard collection pattern to individual Active Directory service(ADS) providers.
Operation Method and URI- -Get one ADS provider GET /platform/1/auth/providers/
ads/<provider-id>
Get all ADS providers GET /platform/1/auth/providers/ads
Join a domain POST /platform/1/auth/providers/ads
Modify an ADS provider PUT /platform/1/auth/providers/ads/<provider-id>
Leave a domain DELETE /platform/1/auth/providers/ads/<provider-id>
View the detailed JSON schema for ADSproviders
GET /platform/1/auth/providers/ads/<domain>?describe
Query parametersscope
Authentication resources
Auth ADS providers resource 27
If this parameter is specified as effective, or if it is not specified, all fields are shown.If the parameter is specified as user, only fields with non-default values are shown. Ifthe parameter is specified as default, the default values are returned.
Object properties
Property Type Description
allocate_gids Boolean Allocates a GID for an unmapped ADS group.
allocate_uids Boolean Enables allocation of a UID for an unmappedADS user.
assume_default_domain Boolean Enables lookup of unqualified user names inthe primary domain.
authentication Boolean Enables use of the provider for authenticationand identity.
check_online_interval integer Specifies the time between provider onlinechecks.
controller_time integer Provides the current time of the domaincontroller.
create_home_directory Boolean Creates a home directory on the first login.
domain_offline_alerts Boolean Sends an alert when the domain goes offline.
forest string Provides the ADS forest.
home_directory_template string Specifies the home directory template path.
hostname string Provides the fully qualified hostname that isstored in the machine account.
id string Specifies the ID of the provider instance.
ignore_all_trusts Boolean Ignores all trusted domains.
ignored_trusted_domains Boolean Includes trusted domains whenignore_all_trusts is set to false.
include_trusted_domains Boolean Includes trusted domains whenignore_all_trusts is set to true.
ldap_sign_and_seal Boolean Uses encryption and signing on LDAP requests.
login_shell string Sets the login shell path.
lookup_domains string Limits user and group lookup to the specifieddomains.
lookup_groups Boolean Looks up ADS groups in other providers beforeallocating a GID.
lookup_normalize_groups Boolean Normalizes ADS group names to lowercasebefore lookup.
lookup_normalize_users Boolean Normalizes ADS user names to lowercasebefore lookup.
Authentication resources
28 OneFS 7.0.1 Platform API Reference
Property Type Description
lookup_users Boolean Looks up ADS users in other providers beforeallocating a UID.
machine_account string Provides the SAM account name of themachine account.
machine_password_lifespan integer Sets the maximum age of a password.
name string Specifies the ADS provider name.
netbios_domain string Provides the NetBIOS domain name associatedwith the machine account.
nss_enumeration Boolean Enables the ADS provider to respond togetpwent and getgrent requests.
primary_domain string Provides the primary domain name.
sfu_support string Specifies whether to support RFC 2307attributes on ADS domain controllers.
site string Provides the ADS site.
status string Provides the status of the provider.
store_sfu_mappings Boolean Stores the SFU mappings permanently in the IDmapper.
system Boolean Indicates that the provider instance wascreated by OneFS and cannot be removed.
Auth ADS providers domains resourceThis resource applies the standard collection pattern to Active Directory service (ADS)domains.
Operation Method and URI- -Get all ADS provider's trusted domains GET /platform/1/auth/providers/
ads/<id>/domains
Get one ADS provider's trusted domain GET /platform/1/auth/providers/ads/<id>/domains/<ads-domain>
View the detailed JSON schema forauthentication providers ADS domains
GET /platform/1/auth/providers/ads/<id>/domains?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
dc_address string Provides the address for the domain controller.
Authentication resources
Auth ADS providers domains resource 29
Property Type Description
dc_name string Provides the name for the domain controller.
dc_site string Provides the site for the domain controller.
domain string Provides the name of the domain.
guid string Provides the group and user ID for the domain.
id string Provides a unique identifier for every domain returned.
netbios_name string Provides the NetBIOS name for the domain.
sid string Provides the security ID for the domain.
site string Provides the site for the domain.
status string Indicates whether the domain is online or offline.
trust_type string Specifies the type of trust with the domain. Options consist ofprimary, unknown, external, and forest.
Auth ADS providers controllers resourceThis resource applies the standard collection pattern to Active Directory service (ADS)controllers.
Operation Method and URI- -Get all domain controllers for a trusteddomain
GET /platform/1/auth/providers/ads/<domain-id>/controllers
View the detailed JSON schema forauthentication providers ADS controllers
GET /platform/1/auth/providers/ads/<domain-id>/controllers?describe
Query parameters
ParametersThere are no parameters for this resource.
Object properties
Property Type Description
dc_address string Provides the address for the domain controller.
dc_name string Provides the name for the domain controller.
id string Provides the name for the domain controller.
Authentication resources
30 OneFS 7.0.1 Platform API Reference
Auth ADS providers search resourceThis resource performs searches within Active Directory service (ADS) providers.
Operation Method and URI- -Get objects that are searchable in domains GET /platform/1/auth/providers/
ads/<object>/search
View the detailed JSON schema forauthentication providers ADS search
GET /platform/1/auth/providers/ads/<object>/search?describe
Query parametersdomain
The domain to search in.
user
The username for the domain, if untrusted.
password
The password for the domain, if untrusted.
filter
The filter to use when performing a search. The filter must be in the form of an LDAPquery.
description
An optional description to search for.
search_users
If true, search for users.
search_groups
If true, search for groups.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from the previous request (cannot be used with otherparameters).
Object properties
Property Type Type
resume string Provides the value for the resume argument to beused for continuation requests.
description string Provides the description returned from the ActiveDirectory server.
display_name string Provides the display name returned from theActive Directory server.
id persona on page45
Properties for the persona.
Authentication resources
Auth ADS providers search resource 31
Auth file providers resourceThis resource applies the standard collection pattern to authentication file providers.
Operation Method and URI- -Get one file provider GET /platform/1/auth/providers/
file/<provider-id>
Get all file providers GET /platform/1/auth/providers/file
Create a file provider POST /platform/1/auth/providers/file
Modify a file provider PUT /platform/1/auth/providers/file/<provider-id>
Delete a file provider DELETE /platform/1/auth/providers/file/<provider-id>
View the detailed JSON schema forauthentication providers file
GET /platform/1/auth/providers/file?describe
Query parametersscope
If specified as effective, or unspecified, all fields are shown. If specified as user, onlyfields with non-default values are shown. If specified as default, the default valuesare returned.
Object properties
Property Type Description
authentication Boolean Enables authentication and identification throughthe provider.
cache_entry_expiry integer Specifies the amount of time to cache a user orgroup.
create_home_directory Boolean Creates a home directory on the first login.
enabled Boolean Enables the file provider.
enumerate_groups Boolean Enables providers to enumerate groups.
enumerate_users Boolean Enables providers to enumerate users.
findable_groups string Sets a list of groups that can be resolved.
findable_users string Sets a list of users that can be resolved.
group_domain string Provides the domain used to qualify groups for thisprovider.
group_file string Provides the location of the file that contains groupinformation.
Authentication resources
32 OneFS 7.0.1 Platform API Reference
Property Type Description
home_diretory_template string Specifies the home directory template path.
id string Specifies the file provider ID.
listable_groups string Specifies groups that can be viewed in the provider.
listable_users string Specifies users that can be viewed in the provider.
login_shell string Sets the login shell path.
modifiable_groups string Specifies groups that can be modified in theprovider.
modifiable_users string Specifies users that can be modified in theprovider.
name string Specifies the name of the file provider.
netgroup_file string Provides the path to a netgroups replacement file.
normalize_groups Boolean Normalizes the group name to lowercase beforelookup.
normalize_users Boolean Normalizes the user name to lowercase beforelookup.
ntlm_support string Specifies the supported NTLM version for userswith NTLM-compatible credentials.
password_file string Provides the location of the file that contains userinformation.
provider_domain string Specifies the domain for the provider.
restrict_findable Boolean Checks the provider for filtered lists of findable andunfindable users and groups.
restrict_listable Boolean Checks the provider for filtered lists of listable andunlistable users and groups.
restrict_modifiable Boolean Checks the provider for filtered lists of modifiableand unmodifiable users and groups.
status string Provides the status of the provider.
system Boolean Indicates that the provider instance was created byOneFS and cannot be removed.
unfindable_groups string Specifies a group that cannot be resolved by theprovider.
unfindable_users string Specifies a user that cannot be resolved by theprovider.
unlistable_groups string Specifies a group that cannot be listed by theprovider.
unlistable_users string Specifies a user who cannot be listed by theprovider.
Authentication resources
Auth file providers resource 33
Property Type Description
unmodifiable_groups string Specifies a group that cannot be modified by theprovider.
unmodifiable_users string Specifies a user who cannot be modified by theprovider.
user_domain string Provides the domain used to qualify users for thisprovider.
Auth LDAP providers resourceThis resource applies the standard collection pattern to individual Lightweight DirectoryAccess Protocol (LDAP) authentication providers.
Operation Method and URI- -Get one LDAP provider GET /platform/1/auth/providers/
ldap/<provider-id>
Get all LDAP providers GET /platform/1/auth/providers/ldap
Create an LDAP provider POST /platform/1/auth/providers/ldap
Modify an LDAP provider PUT /platform/1/auth/providers/ldap/<provider-id>
Delete an LDAP provider DELETE /platform/1/auth/providers/ldap/<provider-id>
View the detailed JSON schema for LDAPauthentication providers
GET /platform/1/auth/providers/ldap/<provider-id>?describe
Query parametersscope
If specified as effective, or unspecified, all fields are shown. If specified as user, onlyfields with non-default values are shown. If specified as default, the default valuesare returned.
Object properties
Property Type Description
authentication Boolean Enables authentication and identificationthrough the provider.
balance_servers Boolean Connects the provider to a random server.
base_dn string Sets the root of the tree in which tosearch for identities.
bind_dn string Sets a distinguished name that is usedwhen binding to LDAP servers.
Authentication resources
34 OneFS 7.0.1 Platform API Reference
Property Type Description
bind_mechanism string Provides the bind mechanism to usewhen connecting to an LDAP server. Theonly supported value is simple.
bind_password string Sets a password for a distinguished namethat is used when binding to LDAPservers.
bind_timeout integer Sets a timeout in seconds when bindingLDAP servers.
cache_entry_expiry integer Specify the amount of time to cache auser or group
certificate_authority_file string Set the path to the root certificates file.
check_online_interval integer Specifies the time between the provideronline checks.
cn_attribute string Specifies the canonical name.
create_home_directory Boolean Creates a home directory on the firstlogin.
crypt_password_attribute string Sets a hashed password value.
email_attribute string Sets the LDAP email attribute.
enabled Boolean Enables the LDAP provider.
enumerate_groups Boolean Enables the LDAP provider to enumerategroups.
enumerate_users Boolean Enables the LDAP provider to enumerateusers.
findable_groups string Sets a list of groups that can be resolved.
findable_users string Sets a list of users that can be resolved.
gecos_attribute string Sets the LDAP GECOS attribute.
gid_attribute string Sets the LDAP GID attribute.
group_base_dn string Sets a distinguished name for the entrywhere LDAP searches for groups begins.
group_domain string Provides the domain used to qualifygroups for this provider.
group_filter string Sets the LDAP filter for group objects.
group_members_attribute string Sets the LDAP Group Members attribute.
group_search_scope string Defines the depth from the base DN toperform LDAP searches.
home_directory_template string Specifies the home directory templatepath.
Authentication resources
Auth LDAP providers resource 35
Property Type Description
homedir_attribute string Sets the LDAP Homedir attribute.
id string Specifies the ID of the LDAP provider.
ignore_tls_errors string Continues over secure connections, evenif the identity check fails.
listable_groups string Specifies groups that can be viewed inthe provider.
listable_users string Specifies users that can be viewed in theprovider.
login_shell string Sets the login shell path.
name string Specifies the name of the LDAP provider.
name_attribute string Sets the LDAP UID attribute, which is usedas the login name.
netgroup_base_dn string Sets a distinguished name for the entrywhere LDAP searches for netgroupsbegins.
netgroup_filter string Sets the LDAP filter for netgroup objects.
netgroup_members_attribute string Sets the LDAP Netgroup Membersattribute.
netgroup_search_scope string Defines the depth from the base DN toperform LDAP searches.
netgroup_triple_attribute string Sets the LDAP Netgroup Triple attribute.
normalize_groups Boolean Normalizes group names to lowercasebefore lookup.
normalize_users Boolean Normalizes user names to lowercasebefore lookup.
nt_password_attribute string Setsthe LDAP NT Password attribute.
ntlm_support string Specifies the supported NTLM version forusers with NTLM-compatible credentials.
provider_domain string Specifies the provider domain.
require_secure_connection Boolean Specifies whether to continue over a non-TLS connection.
restrict_findable Boolean Checks the provider for filtered lists offindable and unfindable users andgroups.
restrict_listable Boolean Checks the provider for filtered lists oflistable and unlistable users and groups.
search_scope string Defines the default depth from the baseDN to perform LDAP searches.
Authentication resources
36 OneFS 7.0.1 Platform API Reference
Property Type Description
search_timeout integer Sets the search timeout period.
server_uris string Sets the server URIs.
shell_attribute string Sets the LDAP shell attribute.
status string Provides the status of the provider.
system Boolean Indicates that the provider instance wascreated by OneFS and cannot beremoved.
uid_attribute string Sets the LDAP UID Number attribute.
unfindable_groups string Specifies groups that cannot be resolvedby the provider.
unfindable_users string Specifies users who cannot be resolvedby the provider.
unique_group_members_attribute string Sets the LDAP Unique Group Membersattribute.
unlistable_groups string Specifies a group that cannot be listed bythe provider.
unlistable_users string Specifies a user who cannot be listed bythe provider.
user_base_dn string Sets a distinguished name for the entrywhere LDAP searches for users begins.
user_domain string Provides the domain used to qualify usersfor this provider.
user_filter string Sets the LDAP filter for user objects.
user_search_scope string Defines the depth from the base DN toperform LDAP searches.
Auth local providers resourceThis resource applies the standard collection pattern to local authentication providers.
Operation Method and URI- -Get one local provider GET /platform/1/auth/providers/
local/<file-id>
Get all local providers GET /platform/1/auth/providers/local
Create a local provider POST /platform/1/auth/providers/local
Modify a local provider PUT /platform/1/auth/providers/local/<file-id>
Authentication resources
Auth local providers resource 37
Operation Method and URI- -Delete a local provider DELETE /platform/1/auth/
providers/local/<file-id>
View the detailed JSON schema for localauthentication providers local
GET /platform/1/auth/providers/local?describe
Query parametersscope
If this parameter is specified as effective, or if it is not specified, all export fields areshown. If this parameter is specified as user, only fields with non-default values areshown. If this parameter is specified as default, the original values are returned.
Object properties
Property Type Description
authentication Boolean Enables authentication and identification throughthe provider.
create_home_directory Boolean Creates a home directory on the first login.
home_directory_template string Specifies the home directory template path.
id string Specifies the ID for the local provider.
lockout_duration integer Sets the length of time in seconds that an accountis inaccessible after multiple failed login attempts.
lockout_threshold integer Sets the number of failed login attemptsnecessary for an account to be locked out.
lockout_window integer Sets the time in seconds in whichlockout_threshold failed attempts must be madefor an account to be locked out.
login_shell string Sets the login shell path.
machine_name string Specifies the Active Directory account name forthe machine.
max_password_age integer Sets the maximum password age in seconds.
min_password_age integer Sets the minimum password age in seconds.
min_password_length integer Sets the minimum password length.
name string Specifies the name of the local provider.
password_prompt_time integer Specifies time in seconds remaining before beingprompted to change the password.
status string Provides the status of the provider.
system Boolean Indicates that the provider instance was createdby OneFS and cannot be removed.
Authentication resources
38 OneFS 7.0.1 Platform API Reference
Auth NIS providers resourceThis resource applies the standard collection pattern to Network Information Service (NIS)authentication providers.
Operation Method and URI- -Get one NIS provider GET /platform/1/auth/providers/
nis/<nis-name>
Get all NIS providers GET /platform/1/auth/providers/nis
Create an NIS provider POST /platform/1/auth/providers/nis
Modify an NIS provider PUT /platform/1/auth/providers/nis/<nis-name>
Delete an NIS provider DELETE /platform/1/auth/providers/nis/<nis-name>
View the detailed JSON schema for NISauthentication providers
GET /platform/1/auth/providers/nis?describe
Query parametersscope
If this parameter is specified as effective, or if it is not specified, all export fields areshown. If this parameter is specified as user, only fields with non-default values areshown. If this parameter is specified as default, the original values are returned.
Object properties
Property Type Description
authentication Boolean Enables authentication and identification throughthe provider.
balance_servers Boolean Enables the provider to connect to a randomserver.
cache_entry_expiry integer Specifies the amount of time in seconds to cachea user or group.
check_online_interval integer Specifies the amount of time in seconds betweenprovider online checks.
create_home_directory integer Creates a home directory on first login.
enabled Boolean Enables the NIS provider.
enumerate_groups Boolean Enables the provider to enumerate groups.
enumerate_users Boolean Enables the provider to enumerate users.
findable_groups string Sets a list of groups that can be resolved.
Authentication resources
Auth NIS providers resource 39
Property Type Description
findable_users string Sets a list of users that can be resolved.
group_domain string Provides the domain used to qualify groups forthis provider.
home_directory_template string Specifies the home directory template path.
hostname_lookup Boolean Enables host name lookups.
id string Specifies the NIS provider ID.
listable_groups string Specifies groups that can be viewed in theprovider.
listable_users string Specifies users that can be viewed in the provider.
login_shell string Sets the login shell path.
name string Specifies the NIS provider name.
nis_domain string Specifies the NIS domain name.
normalize_groups Boolean Normalizes the group name to lowercase beforelookup.
normalize_users Boolean Normalizes the user name to lowercase beforelookup.
ntlm_support string Specifies the NTLM version for users with NTLM-compatible credentials.
provider_domain string Specifies the provider domain.
request_timeout integer Specifies the request timeout interval in seconds.
restrict_findable Boolean Checks the provider for filtered lists of findableand unfindable users.
restrict_listable Boolean Checks the provider for filtered lists of listable andunlistable users.
retry_time integer Sets timeout period in seconds after which arequest is retried.
servers string Provides a list of NIS servers to be used by thisprovider.
check_online_interval integer Specifies the amount of time in seconds betweenprovider online checks.
status string Provides the status of the provider.
system string Indicates that the provider instance was createdby OneFS and cannot be removed.
unfindable_groups string Specifies a group that cannot be resolved by theprovider.
unfindable_users string Specifies a user that cannot be resolved by theprovider.
Authentication resources
40 OneFS 7.0.1 Platform API Reference
Property Type Description
unlistable_groups string Specifies a group that cannot be listed by theprovider.
unlistable_users string Specifies a user that cannot be resolved by theprovider.
user_domain string Provides the domain used to qualify users for thisprovider.
ypmatch_using_tcp Boolean Uses TCP for YP match operations.
Auth roles resourceThis resource applies the standard collection pattern to roles.
Operation Method and URI- -Get one role GET /platform/1/auth/roles/<role-
id>
Get all roles GET /platform/1/auth/roles
Create a role POST /platform/1/auth/roles
Modify a role PUT /platform/1/auth/roles/<role-id>
Delete a role DELETE /platform/1/auth/roles/<role-id>
View the detailed JSON schema forauthentication roles
GET /platform/1/auth/roles?describe
Query parametersresolve_names
Filters users by zone.
resume
Continue returning results from the previous call (cannot be used with other options).
Object properties
Property Type Description
resume string Provides the value for the resume argument to be usedfor continuation requests.
roles roles on page 48 Properties for roles.
Authentication resources
Auth roles resource 41
Auth roles members resourceThis resource applies the standard collection pattern to members of roles.
Operation Method and URI- -Get the members of a role GET /platform/1/auth/roles/
<member-id>/members
Add a member to a role POST /platform/1/auth/roles/<member-id>/members
Remove a member from a role DELETE /platform/1/auth/roles/<member-id>/members/<persona-id>
View the detailed JSON schema forauthentication roles members
GET /platform/1/auth/roles/<member-id>/members?describe
Query parametersresolve_names
Resolves the names of personas.
Object properties
Property Type Description
members persona on page 45 Properties for users or groups that have this role.
Auth roles privileges resourceThis resource applies the standard collection pattern to the privileges that belong to arole.
Operation Method and URI- -Get the privileges of a role GET /platform/1/auth/roles/<id>/
privileges
Add a privilege to a role POST /platform/1/auth/roles/<id>/privileges
Remove a privilege from a role DELETE /platform/1/auth/roles/<id>/privileges/<privilege-id>
View the detailed JSON schema forauthentication roles privileges
GET /platform/1/auth/roles/<id>/privileges?describe
Query parametersresume
Continue returning results from the previous call (cannot be used with other options).
Authentication resources
42 OneFS 7.0.1 Platform API Reference
Object properties
Property Type Description
resume string Provides the value for the resume argument used forcontinuation requests.
privileges privilege on page 45 Properties for the privileges granted by this role.
Auth global settings resourceThis resource contains global authentication settings.
Operation Method and URI- -Get global settings GET /platform/1/auth/settings/
global
Modify global settings PUT /platform/1/auth/settings/global
View the detailed JSON schema for globalsettings for authentication
GET /platform/1/auth/settings/global?describe
Query parametersscope
If this parameter is specified as effective, or if it is not specified, all export fields areshown. If this parameter is specified as user, only fields with non-default values areshown. If this parameter is specified as default, the original values are returned.
Object properties
Property Type Description
alloc_retries integer Sets the number of times to retry an ID allocationbefore failing.
cache_cred_lifetime integer Sets the length of time in seconds to cache credentialresponses from the ID mapper.
cache_id_lifetime integer Sets the length of time in seconds to cache IDresponses from the ID mapper.
gid_range_enabled Boolean Enables the use of a fixed range for allocating a GID.
gid_range_max integer Specifies the ending number for allocating a GID.
gid_range_min integer Specifies the starting number for allocating a GID.
gid_range_next integer Specifies the next GID to be allocated.
group_uid integer Provides the UID to use when the kernel must retrievea UID for a group.
load_providers array Controls which providers are loaded by theauthentication daemon (lsassd).
Authentication resources
Auth global settings resource 43
Property Type Description
min_mapped_rid integer Starts RID in the local domain to map a UID and a GID.
null_gid integer Provides the alternative GID to use when the kernel isunable to retrieve a GID for a persona.
null_uid integer Provides the alternative UID to use when the kernel isunable to retrieve a UID for a persona.
on_disk_identity string Specifies the type of identity that is stored on disk.
rpc_block_time integer Provides the minimum amount of time in millisecondsto wait before performing an oprestart.
rpc_max_requests integer Provides the maximum number of outstanding RPCrequests.
rpc_timeout integer Provides the maximum amount of time in seconds towait for an idmap response.
send_ntlmv2 Boolean Specifies whether to send NTLMv2 responses.
space_replacement string Sets space replacement character.
system_gid_threshold integer Provides the minimum GID to attempt to lookup in theidmap database.
system_uid_threshold integer Provides the minimum UID to attempt to lookup in theidmap database.
uid_range_enabled Boolean Enables a fixed range for allocating UIDs.
uid_range_max integer Specifies the ending number for allocating a UID.
uid_range_min integer Specifies the starting number for allocating a UID.
uid_range_next integer Specifies the next UID to allocate.
unknown_gid integer Specifies the GID to use for an unknown oranonymous group.
unknown_uid integer Specifies the UID to use for an unknown oranonymous user.
workgroup string Sets the NetBIOS workgroup or domain.
Auth shells resourceThis resource returns the list of supported shells.
Operation Method and URI- -Get a list of the possible values for user shells GET /platform/1/auth/shells
View the detailed JSON schema forauthentication shells
GET /platform/1/auth/shells?describe
Query parametersThere are no parameters for this resource.
Authentication resources
44 OneFS 7.0.1 Platform API Reference
Object properties
Property Type Description
shells string Provides a list of supported shells.
Auth wellknowns resourceThis resource applies the standard collection pattern to wellknown personas.
Operation Method and URI- -Get wellknown SIDs GET /platform/1/auth/wellknowns
View the detailed JSON schema forauthentication wellknown SIDs
GET /platform/1/auth/wellknowns?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Type
persona persona on page 45 Properties for the persona.
Persona propertiesObject properties for personas.
Property Type Description
id string Provides the serialized form of the persona (such as 'UID:0','USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').
name string Provides the persona name, which must be combined with a type.
type string Provides the type of persona, which must be combined with a name.
Privilege propertiesObject properties for privileges.
Property Type Description
id string Provides the ID of the privilege.
name string Provides the name of the privilege.
read-only Boolean True if the privilege is read-only.
Authentication resources
Auth wellknowns resource 45
Groups propertiesObject properties for groups.
Property Type Description
dn string Provides the distinguished name for the user.
dns_domain string Provides the DNS domain for the object.
domain string Provides the domain of the group.
generated_gid boolean Indicates if the GID was generated.
gid persona on page45
Properties for the persona.
id string Provides the system ID given to the user orgroup. In a POST request, this value refers tothe item in the collection item resource path.
member_of persona on page45
Properties for groups that this user or groupare members of.
name string Provides a user or group name.
provider string Specifies an authentication provider.
sam_account_name string Provides a user or group name.
sid persona on page45
Properties for the security identifier.
type string Indicates the object type.
Users propertiesObject properties for users.
Property Type Description
dn string Provides the distinguished name forthe user.
dns_domain string Provides the DNS domain of the object.
domain string Provides the domain of the group.
email string Specifies an email address.
enabled Boolean True if the user is enabled.
expired Boolean True if the password for the user hasexpired.
expiry integer Provides the alternative name to createfor each snapshot.
gecos string Sets the GECOS value, which is usuallythe full name.
Authentication resources
46 OneFS 7.0.1 Platform API Reference
Property Type Description
generated_gid Boolean Indicates if the GID was generated.
generated_uid Boolean Indicates if the UID was generated.
gid persona onpage 45
Properties for the persona.
home_directory string Specifies the home directory for theuser.
id string Provides the system ID given to theuser or group. In a POST request, thisvalue is the ID that refers to the item inthe collection item resource path.
locked Boolean Specifies if the account is locked.
max_password_age integer Provides the maximum age in secondsallowed for the password before thepassword expires.
member_of persona onpage 45
Properties for groups that this user orgroup are members of.
name string Provides a user or group name.
password_expired Boolean Specifies whether the password hasexpired.
password_expires Boolean Specifies whether the password isallowed to expire.
password_last_set integer Specifies the last time the passwordwas set.
primary_group_sid persona onpage 45
Properties for the security ID of theprimary group for the user.
prompt_password_change Boolean Prompts a password change for theuser at the next log in.
provider string Specifies an authentication provider.
sam_account_name string Provides a user or group name.
shell string Sets the path to the shell for the user.
sid persona onpage 45
Properties for the security identifier.
type string Indicates the object type.
uid persona onpage 45
Properties for the user ID.
upn string Provides the principal name for theuser.
Authentication resources
Users properties 47
Property Type Description
user_can_change_password Boolean Specifies whether the password for theuser can be changed.
Domain propertiesObject properties for domains.
Property Type Description
domain integer Provides the domain name.
user string Provides the user name for the domain.
Option propertiesObject properties for options.
Create rules for specified users. For example, &= for join a group, ++ for append a group,-- for remove a group.
Property Type Description
break Boolean Stops processing further rules and immediatelycreates a final token if a rule is applied successfully.
default_user domain on page48
Substitutes this user if the second user in a rule isnot found.
group Boolean Specifies that the primary GID and primary group SIDare copied to the existing credential.
groups domain on page48
Specifies that all additional identifies are copied tothe existing credential.
user domain on page48
Maps users in the format of domain\user(n), where nis the user number. For example, user1.
Roles propertiesObject properties for roles.
Property Type Description
id string Provides the ID of the role.
name string Provides the name of the role.
members persona on page 45 Properties for users or groups that have this role.
privileges privilege on page 45 Properties for the privileges granted by this role.
Authentication resources
48 OneFS 7.0.1 Platform API Reference
CHAPTER 4
NFS resources
These resources allow users to retrieve, create, modify, or delete NFS exportconfigurations and settings.
u NFS exports summary resource..............................................................................50u NFS export resource..............................................................................................50u NFS NLM locks resource........................................................................................51u NFS NLM lock waiters resource..............................................................................52u NFS NLM sessions resource...................................................................................53u NFS default export settings resource.....................................................................53u NFS global settings resource.................................................................................56u NFS exports configuration check resource.............................................................57u NFS reload resource..............................................................................................57u NFS export properties............................................................................................58u NLM locks properties.............................................................................................61u NLM waiter properties...........................................................................................61u NLM session properties.........................................................................................62u NFS map properties...............................................................................................62
NFS resources 49
NFS exports summary resourceThis resource returns summary information for NFS exports.
Operations Method and URI- -Get the NFS exports summary GET /platform/1/protocols/nfs/exports-
summary
View the detailed JSON schema for theNFS exports summary
GET /platform/1/protocols/nfs/exports-summary?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
count integer Provides the total number of exports in the system.
NFS export resourceThis resource applies the standard collection pattern to NFS exports.
Operation Method and URI- -Get one NFS export GET /platform/1/protocols/nfs/exports/
<export-id>
Get a list of NFS exports GET /platform/1/protocols/nfs/exports
Create an NFS export POST /platform/1/protocols/nfs/exports
Modify an NFS export PUT /platform/1/protocols/nfs/exports
Delete an NFS export DELETE /platform/1/protocols/nfs/exports/<export-id>
View the detailed JSON schema forNFS exports
GET /platform/1/protocols/nfs/exports?describe
View the detailed JSON schema for asingle NFS exports object
GET /platform/1/protocols/nfs/exports/<export-id>?describe
Query parameterssort
Order results by this field. The default sort value is id.
dir
The sort order direction are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
check
Check for conflicts when listing exports.
scope
NFS resources
50 OneFS 7.0.1 Platform API Reference
If this parameter is specified as effective, or if it is unspecified, all export fields areshown. If this parameter is specified as user, only fields with non-default values areshown.
force
Override client and username conflicts or errors when creating or modifying anexport.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous requests (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of exports configured.
resume string Provides the value for the resume argument to be usedfor continuation requests.
exports exports on page 58 Properties for a single export.
NFS NLM locks resourceThis resource applies the standard collection pattern to NFS Network Lock Manager (NLM)advisory locks.
Operation Method and URI- -Get a list of NFS advisory locks GET /platform/1/protocols/nfs/nlm/locks
View the detailed JSON schema forNLM locks on NFS
GET /platform/1/protocols/nfs/nlm/locks?describe
Query parameterssort
Order results by this field.
dir
Direction for the sort order is ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous request (cannot be used with otherparameters).
NFS resources
NFS NLM locks resource 51
Object properties
Property Type Description
total integer Provides the total number of locks available.
resume string Provides the value for the resume argument to be usedfor continuation requests.
locks locks on page 61 Properties for NLM locks.
NFS NLM lock waiters resourceThis resource applies the standard collection pattern to NFS Network Lock Manager (NLM)lock waiters.
Operation Method and URI- -Get a list of NLM lock waiters on NFS GET /platform/1/protocols/nfs/nlm/
waiters
View the detailed JSON schema forNLM lock waiters on NFS
GET /platform/1/protocols/nfs/nlm/waiters?describe
Query parameterssort
Order results by this field.
dir
Direction for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous request (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of lock waiters available.
resume string Provides the value for the resume argument to be usedfor continuation requests.
waiters waiters on page 61 Properties for NFS NLM lock waiters.
NFS resources
52 OneFS 7.0.1 Platform API Reference
NFS NLM sessions resourceThis resource applies the standard collection pattern to NFS Network Lock Manager (NLM)sessions.
Operation Method and URI- -Get a list of NFS NLM sessions GET /platform/1/protocols/nfs/nlm/sessions
Delete an NFS NLM session DELETE /platform/1/protocols/nfs/nlm/sessions/<session-id>
View the detailed JSON schema forNFS NLM sessions
GET /platform/1/protocols/nfs/nlm/sessions?describe
View the detailed JSON schema foran NFS NLM session
GET /platform/1/protocols/nfs/nlm/sessions/<session-id>?describe
Query parameterssort
Order results by this field.
dir
Direction for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous request (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of sessions to display.
resume string Provides the value for the resume argument to beused for continuation requests.
sessions sessions on page 62 Properties for a single share.
NFS default export settings resourceThis resource applies the standard system object pattern to default NFS export settings.These settings are applied to all new exports, unless otherwise specified.
Operation Method and URI- -Get default NFS export settings GET /platform/1/protocols/nfs/settings/
export
Modify default NFS export settings PUT /platform/1/protocols/nfs/settings/export
NFS resources
NFS NLM sessions resource 53
Operation Method and URI- -View the detailed JSON schema fordefault NFS export settings
GET /platform/1/protocols/nfs/settings/export?describe
Query parametersscope
When specified as effective, or not specified, all fields are returned. When specifiedas user, only fields with non-default values are shown. When specified as default, theoriginal values are returned.
Object properties
Property Type Description
all_dirs Boolean True if all directories under the specified pathsare mountable.
block_size integer Provides the block size returned by the NFSstatfs call. This value is used to advise the clientof optimal settings for the server, but is notenforced.
can_set_time Boolean True if the client may set file times using the NFSset attribute request. When set to false, theserver ignores the setting and behaves as if thevalue is set to true. This value is used to advisethe client of optimal settings for the server, but isnot enforced.
commit_asynchronous Boolean True if NFS commit requests executeasynchronously.
directory_transfer_size integer Provides the preferred size for directory readoperations. This value is used to advise theclient of optimal settings for the server, but is notenforced.
encoding string Provides the default character set encoding ofthe clients connecting to the export, unlessotherwise specified.
map_lookup_uid Boolean True if incoming UIDs are mapped to users in theOneFS user database. When set to false,incoming UIDs are applied directly to fileoperations.
map_retry Boolean Determines whether searches for the usersspecified in map_all or map_root are retried ifthe search fails.
map_all map onpage 62
Provides the users and groups that are mappedto non-root clients.
NFS resources
54 OneFS 7.0.1 Platform API Reference
Property Type Description
map_full Boolean True if user mappings query the OneFS userdatabase. When set to false, user mappingsquery only local authentication.
map_root map onpage 62
Provides the users and groups that are mappedto root clients.
max_file_size integer Provides the maximum file size for any fileaccessed from the export.
read_only Boolean True if the export is read-only.
readdirplus Boolean True if readdirplus requests are enabled.Enabling this property may improve networkperformance and is available only for NFSv3.
readdirplus_prefetch integer Sets the number of directory entries that areprefetched when a readdirplus request isprocessed.
return_32bit_file_ids Boolean Limits the size of file identifiers returned byNFSv3+ to 32-bit values.
read_transfer_max_size integer Provides the maximum buffer size that clientsshould use on NFS read requests. This value isused to advise the client of optimal settings forthe server, but is not enforced.
read_transfer_multiple integer Provides the preferred multiple size for NFS readrequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
read_transfer_size integer Provides the preferred size for NFS readrequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
security_flavors array Provides the authentication types that aresupported for this export.
setattr_asynchronous Boolean True if set attribute operations executeasynchronously.
symlinks Boolean True if symlinks are supported. This value isused to advise the client of optimal settings forthe server, but is not enforced.
time_delta integer Provides the resolution of all time values that arereturned to the client.
write_datasync_action string Provides the action to be taken when an NFSv3+datasync write is requested.
write_datasync_reply string Provides the stability disposition returned whenan NFSv3+ datasync write is processed.
NFS resources
NFS default export settings resource 55
Property Type Description
write_filesync_action string Provides the action to be taken when an NFSv3+filesync write is requested.
write_filesync_reply string Provides the stability disposition returned whenan NFSv3+ filesync is processed.
write_unstable_action string Provides the action taken when an NFSx3+unstable write is processed.
write_unstable_reply string Provides the stability disposition returned whenan NFSv3+ unstable write is requested.
write_transfer_max_size integer Provides the maximum buffer size that clientsare recommended to use on NFS write requests.This value is used to advise the client of optimalsettings for the server, but is not enforced.
write_transfer_multiple integer Provides the preferred multiple size for NFS writerequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
write_transfer_size integer Provides the preferred size for NFS writerequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
NFS global settings resourceThis resource applies the standard system object pattern to global NFS settings.
Operation Method and URI- -Get default NFS export settings GET /platform/1/protocols/nfs/settings/
global
Modify default NFS exportsettings
PUT /platform/1/protocols/nfs/settings/global
View the detailed JSON schemafor global NFS exports
GET /platform/1/protocols/nfs/settings/global?describe
Query parametersscope
When specified as effective, or not specified, all fields are returned. When specifiedas user, only fields with non-default values are shown. When specified as default, theoriginal values are returned.
Object properties
Property Type Description
service Boolean Enables the NFS service. When set to false, disables the NFSservice.
NFS resources
56 OneFS 7.0.1 Platform API Reference
Property Type Description
nfsv2_enabled Boolean Enables NFSv2. When set to false, disables NFSv2.
nfsv3_enabled Boolean Enables NFSv3. When set to false, disables NFSv3.
nfsv4_enabled Boolean Enables NFSv4. When set to false, disables NFSv4.
nfsv4_domain string Provides the domain used to associate users and groups.
lock_protection integer Provides the number of nodes that can fail in the clusterwithout losing lock functionality.
rpc_minthreads integer Provides the minimum number of threads in the nfsd threadpool.
rpc_maxthreads integer Provides the maximum number of threads in the nfsd threadpool.
NFS exports configuration check resourceThis resource returns information on the status and validity of current NFS exports. Eachexport with an error is reported along with the first error encountered during the check.
Operation Method and URI- -Check NFS exports for configuration errors GET /platform/1/protocols/nfs/check
View the detailed JSON schema for NFSexports configuration check
GET /platform/1/protocols/nfs/check?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id string Provides the system ID given to the export. In a POST request, thisvalue is the ID that refers to the item in the collection item resourcepath.
message string Provides a description of the conflict or error encountered.
NFS reload resourceThis resource is used to reload cached export information. The netgroup cache is updatedagainst the remote provider and hosts are updated against the DNS if the time to live(TTL) has expired. Netgroups are automatically refreshed on an interval specified by thenetgroup expiration option. DNS hosts are intermittently refreshed. Local exportinformation, such as options specified with exports create or exports modify, is updatedimmediately following the action.
NFS resources
NFS exports configuration check resource 57
Operation Method and URI- -Reload NFS exports POST /platform/1/protocols/nfs/
reload
View the detailed JSON schema for NFSexport reload
GET /platform/1/protocols/nfs/reload?describe
Query parametersThere are no parameters for this resource.
Object propertiesThere are no properties for this resource.
NFS export propertiesObject properties for NFS exports.
Property Type Description
id integer Provides the system ID given to the export. In aPOST request, this value is the ID that refers tothe item in the collection item resource path.
description string Provides the user defined string that is used toidentify the export.
paths string Provides the paths under /ifs that are exported.
force string True if the export is created, even when inconflict with another export, path, client, or user.
clients string Provides the clients with access to the export.
root_clients array Provides the clients with root access to theexport.
read_only_clients array Provides the clients with read-only access to theexport.
read_write_clients array Provides the clients with both read and writeaccess to the export, even when the export is setto read-only.
unresolved_clients array Provides the clients that cannot be resolved byhostname to an IP address.
conflicting_paths string Provides the paths that conflict with anotherexport.
all_dirs Boolean True if all directories under the specified pathsare mountable.
block_size integer Provides the block size returned by the NFSstatfs procedure. This value is used to advise theclient of optimal settings for the server, but isnot enforced.
NFS resources
58 OneFS 7.0.1 Platform API Reference
Property Type Description
can_set_time Boolean True if the client may set file times using the NFSset attribute request. When set to false, theserver ignores the setting and behaves as if thevalue is set to true. This value is used to advisethe client of optimal settings for the server, butis not enforced.
commit_asynchronous Boolean True if NFS commit requests executeasynchronously.
directory_transfer_size integer Provides the preferred size for directory readoperations. This value is used to advise theclient of optimal settings for the server, but isnot enforced.
encoding string Provides the default character set encoding ofthe clients connecting to the export, unlessotherwise specified.
map_lookup_uid Boolean True if incoming UIDs are mapped to users in theOneFS user database. When set to false,incoming UIDs are applied directly to fileoperations.
map_retry Boolean Determines whether searches for the usersspecified in map_all or map_root are retried ifthe search fails.
map_all map onpage 62
Provides the users and groups that are mappedto non-root clients.
map_full Boolean True if user mappings query the OneFS userdatabase. When set to false, user mappings onlyquery local authentication.
map_root map onpage 62
Provides the users and groups that are mappedto root clients.
max_file_size integer Provides the maximum file size for any fileaccessed from the export.
read_only Boolean True if the export is read-only.
readdirplus Boolean True if readdirplus requests are enabled.Enabling this property may improve networkperformance and is only available for NFSv3.
readdirplus_prefetch integer Sets the number of directory entries that areprefetched when a readdirplus request isprocessed.
return_32bit_file_ids Boolean Limits the size of file identifiers returned byNFSv3+ to 32-bit values.
read_transfer_max_size integer Provides the maximum buffer size that clientsshould use on NFS read requests. This value is
NFS resources
NFS export properties 59
Property Type Description
used to advise the client of optimal settings forthe server, but is not enforced.
read_transfer_multiple integer Provides the preferred multiple size for NFS readrequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
read_transfer_size integer Provides the preferred size for NFS readrequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
security_flavors array Provides the authentication flavors, or types,that are supported for this export.
setattr_asynchronous Boolean True if set attribute operations executeasynchronously.
symlinks Boolean True if symlinks are supported. This value isused to advise the client of optimal settings forthe server, but is not enforced.
time_delta integer Provides the resolution of all time values that arereturned to the client.
write_datasync_action string Provides the action to be taken when an NFSv3+datasync write is requested.
write_datasync_reply string Provides the stability disposition returned whenan NFSv3+ datasync write is processed.
write_filesync_action string Provides the action to be taken when an NFSv3+filesync write is requested.
write_filesync_reply string Provides the stability disposition returned whenan NFSv3+ filesync is processed.
write_unstable_action string Provides the action taken when an NFSx3+unstable write is processed.
write_unstable_reply string Provides the stability disposition returned whenan NFSv3+ unstable write is requested.
write_transfer_max_size integer Provides the maximum buffer size that clientsshould use on NFS write requests. This value isused to advise the client of optimal settings forthe server, but is not enforced.
write_transfer_multiple integer Provides the preferred multiple size for NFS writerequests. This value is used to advise the clientof optimal settings for the server, but is notenforced.
write_transfer_size integer Provides the preferred size for NFS writerequests. This value is used to advise the client
NFS resources
60 OneFS 7.0.1 Platform API Reference
Property Type Description
of optimal settings for the server, but is notenforced.
NLM locks propertiesObject properties for NLM locks.
Property Type Description
id string Provides the system ID given to the lock. In a POST request, thisvalue is the ID that refers to the item in the collection item resourcepath.
client string Provides the client host name and IP address.
client_id string Provides the client ID.
lock_type string Provides the type of lock.
range integer Provides the byte range within the locked file.
path string Provides the path under /ifs that is locked.
created integer Provides the UNIX Epoch time the lock was created.
lin string Provides the LIN in /ifs that is locked.
NLM waiter propertiesObject properties for NLM waiters.
Property Type Description
id string Provides the system ID given to the lock. In a POST request, thisvalue is the ID that refers to the item in the collection item resourcepath.
client string Provides the client host name and IP address.
client_id string Provides the client ID.
lock_type string Provides the type of lock.
range integer Provides the byte range within the locked file.
path string Provides the path under /ifs that is locked.
created integer Provides the UNIX Epoch time the lock was created.
lin string Provides the LIN in /ifs that is locked.
NFS resources
NLM locks properties 61
NLM session propertiesObject properties for NLM waiters.
Property Type Description
id string Provides the system ID given to the lock. In a POST request, thisvalue is the ID that refers to the item in the collection item resourcepath.
client string Provides the client host name and IP address.
client_id string Provides the client ID.
lock_type string Provides the type of lock.
range integer Provides the byte range within the locked file.
path string Provides the path under /ifs that is locked.
created integer Provides the UNIX Epoch time the lock was created.
lin string Provides the LIN in /ifs that is locked.
NFS map propertiesObject properties for map all and map root.
Property Type Description
groups string Provides the name of the group that non-root clients are mapped to.
user string Provides the name of the user that non-root clients are mapped to.
NFS resources
62 OneFS 7.0.1 Platform API Reference
CHAPTER 5
SMB resources
These resources allow users to retrieve, create, modify, or delete SMB shareconfigurations and settings.
u SMB shares summary resource.............................................................................64u SMB shares resource.............................................................................................64u SMB open files resource........................................................................................65u SMB sessions resource.........................................................................................66u SMB share settings resource.................................................................................67u SMB global settings resource................................................................................69u Share properties...................................................................................................70u Run as root properties...........................................................................................72u Permissions properties..........................................................................................73u Trustee properties.................................................................................................73u Open files properties.............................................................................................73u Sessions properties..............................................................................................73
SMB resources 63
SMB shares summary resourceThis resource returns summary information for SMB shares.
Operation Method and URI- -Get the SMB shares summary GET /platform/1/protocols/smb/shares-
summary
View the detailed JSON schema for theSMB shares summary
GET /platform/1/protocols/smb/shares-summary?describe
Query parametersThere are no query parameters for this resource.
Object properties
Property Type Description
count integer Provides the total number of shares in the system.
SMB shares resourceThis resource applies the standard collection pattern to SMB shares.
Operation Method and URI- -Get a single SMB share GET /platform/1/protocols/smb/shares/
<share-name>
Get a list of SMB shares GET /platform/1/protocols/smb/shares
Create an SMB share POST /platform/1/protocols/smb/shares
Modify an SMB share PUT /platform/1/protocols/smb/shares/<share-name>
Delete an SMB share DELETE /platform/1/protocols/smb/shares/<share-name>
View the detailed JSON schema forSMB shares
GET /platform/1/protocols/smb/shares?describe
View the detailed JSON schema foran SMB share object
GET /platform/1/protocols/smb/shares/<share-name>?describe
Query parameterssort
Order results by this field. The default value is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
zone
An optionally named zone to use for user and group resolution.
SMB resources
64 OneFS 7.0.1 Platform API Reference
scope
If this parameter is specified as effective, or if it is unspecified, all export fields areshown. If this parameter is specified as user, only fields with non-default values areshown. If this parameter is specified as default, the original values are returned.
resolve_names
When this parameter is set to true, the group and user names are resolved.
limit
Return no more than this many results at one time. (See resume.)
resume
Continue returning results from previous request (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of shares displayed.
resume string Provides the value for the resume argument to be usedfor continuation requests.
share share on page 70 Properties for a single share.
SMB open files resourceThis resource returns a listing of all files that are currently open through SMB on thequeried node.
Operation Method and URI- -Get a list of files opened throughSMB
GET /platform/1/protocols/smb/openfiles
Close a file opened through SMB DELETE /platform/1/protocols/smb/openfiles/<file-id>
View the detailed JSON schema forSMB open files
GET /platform/1/protocols/smb/openfiles?describe
View the detailed JSON schema foran SMB open file object
GET /platform/1/protocols/smb/openfiles/<file-id>?describe
Query parameterssort
Order results by this field. The default value is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
resume
SMB resources
SMB open files resource 65
Continue returning results from previous request (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of open files available.
resume string Provides the value for the resume argument to beused for continuation calls.
openfiles openfiles on page 73 Properties for SMB open files.
SMB sessions resourceThis resource returns a listing of all SMB sessions that are currently open on the queriednode.
Operation Method and URI- -Get a list of SMB sessions GET /platform/1/protocols/smb/sessions
Close an SMB session user DELETE /platform/1/protocols/smb/sessions/<computer>/<user>
Close an SMB session computer DELETE /platform/1/protocols/smb/sessions/<computer>
View the detailed JSON schemafor the SMB session
GET /platform/1/protocols/smb/sessions?describe
View the detailed JSON schemafor the SMB session user
GET /platform/1/protocols/smb/sessions/<computer>/<user>?describe
View the detailed JSON schemafor the SMB session computer
GET /platform/1/protocols/smb/sessions/<computer>?describe
Query parameterssort
Order results by this field. The default sort value is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous request (cannot be used with otherparameters).
SMB resources
66 OneFS 7.0.1 Platform API Reference
Object properties
Property Type Description
total integer Provides the total number of sessions available.
resume string Provides the value for the resume argument to beused for continuation calls.
sessions sessions on page 73 Properties for SMB sessions.
SMB share settings resourceThis resource applies the standard system object pattern to default SMB share settings.
Operation Method and URI- -Get SMB share settings GET /platform/1/protocols/smb/settings/
share
Modify SMB share settings PUT /platform/1/protocols/smb/settings/share
View the detailed JSON schema forSMB share settings
GET /platform/1/protocols/smb/settings/share?describe
Query parametersscope
If this parameter is specified as effective, or if it is not specified, all export fields areshown. If this parameter is specified as user, only fields with non-default values areshown. If this parameter is specified as default, the original values are returned.
Object properties
Property Type Description
allow_execute_always Boolean Enables users to execute files thatthey have read rights for.
strict_locking Boolean Specifies whether byte range lockscontend against SMB I/O.
hide_dot_files Boolean Hides files and directories that beginwith a period.
impersonate_guest string Specifies the condition in which useraccess is performed as the guestaccount.
strict_flush Boolean Determines whether the data isalways flushed to disk.
mangle_byte_start integer The starting value for the automaticbyte mangling range (in decimalnotation).
SMB resources
SMB share settings resource 67
Property Type Description
directory_create_mask integer Specifies the permission bits (indecimal notation) that can be setwhen a directory is created.
directory_create_mode integer Specifies the permission bits that areset when a directory is created.
file_create_mask integer Specifies the permission bits (indecimal notation) that can be setwhen a file is created.
file_create_mode integer Specifies the permission bits that areset when a file is created.
create_permissions string Determines how permissions are setfor new files and directories in theSMB share.
mangle_map array Specifies the character mangle map.
impersonate_user string Specifies the user account to be usedas a guest account.
change_notify string Specifies the level of changenotification alerts on the SMB share.
oplocks Boolean Specifies whether or not to supportoplocks.
allow_delete_readonly Boolean Specifies whether read-only files inthe SMB share can be deleted.
ntfs_acl_support Boolean Supports NTFS Access Control List(ACL) on files and directories.
access_based_enumeration Boolean Enumerates only the files and foldersthat the requesting user has accessto, but does not apply to the rootdirectory of the share.
access_based_enumeration_root_only Boolean Specifies whether access-basedenumeration is used in the rootdirectory of the SMB share.
host_acl array Provides a list of hostnames,subnets, or IP addresses that areallowed or denied access to theshare. All of these types are allowedunless specifically denied. It isrecommended that a deny clause bethe final entry in the list.
SMB resources
68 OneFS 7.0.1 Platform API Reference
SMB global settings resourceThis resource applies the standard system object pattern to the global SMB sharesettings.
Operation Method and URI- -Get the global SMB settings GET /platform/1/protocols/smb/settings/
global
Modify the global SMB settings PUT /platform/1/protocols/smb/settings/global
View the detailed JSON schema for theSMB share summary
GET /platform/1/protocols/smb/settings/global?describe
Query parametersscope
When specified as effective, or when not specified, all the fields are returned. Whenspecified as user, only the fields with non-default values are returned. Whenspecified as default, the original values are returned.
Object properties and structure
Property Type Description
service Boolean Specifies whether the SMB service is enabled.
access_based_share_enum Boolean Enumerates only shares that the requesting userhas access to.
audit_fileshare string Specifies the level of file share audit events tolog.
audit_logon string Specifies the level of logon audit events to log.
dot_snap_accessible_child Boolean Enables access to .snapshot directories in SMBshare subdirectories. This property does notaffect the root directory of the SMB share.
dot_snap_accessible_root Boolean Enables access to the .snapshot directory in theroot of all the SMB shares.
dot_snap_visible_child Boolean Shows .snapshot directories in the SMB sharesubdirectories. This property does not affect theroot directory of the SMB share.
dot_snap_visible_root Boolean Shows the .snapshot directory in the root of allSMB shares.
enable_security_signatures Boolean Indicates whether the server supports signedSMB packets.
guest_user string Specifies the fully qualified username to use forguest access.
SMB resources
SMB global settings resource 69
Property Type Description
ignore_eas Boolean Specifies whether to ignore extended attributes(EAs) on files.
onefs_cpu_multiplier integer Specifies the number of OneFS driver workerthreads per CPU.
onefs_num_workers integer Sets the maximum number of OneFS driverworker threads.
require_security_signatures Boolean Indicates whether the server requires signedSMB packets.
server_string string Provides a description of the server.
srv_cpu_multiplier integer Specifies the number of SRV service workerthreads per CPU.
srv_num_workers integer Sets the maximum number of SRV serviceworker threads.
support_netbios Boolean Specifies whether NetBIOS support is supportedon the server.
support_smb2 Boolean Specifies whether the SMB2 protocol issupported on the server.
Share propertiesObject properties for an SMB share.
Property Type Description
run_as_root run as root onpage 72
Lists the personas to be runas root. The permissions forthe personas in this listoverride permissionsspecified elsewhere.
allow_execute_always Boolean Enables users to executefiles that they have readrights for.
strict_locking Boolean Specifies whether byterange locks contend withSMB I/O.
hide_dot_files Boolean Hides files and directoriesthat begin with a period.
impersonate_guest string Specifies the condition inwhich user access isperformed as the guestaccount.
strict_flush Boolean Determines whether thedata is always flushed todisk.
SMB resources
70 OneFS 7.0.1 Platform API Reference
Property Type Description
mangle_byte_start integer Provides the starting valuefor the automatic bytemangling range (in decimalnotation).
directory_create_mask integer Specifies the permissionbits (in decimal notation)that can be set when adirectory is created.
directory_create_mode integer Specifies the permissionbits that are set when adirectory is created.
file_create_mask integer Specifies the permissionbits (in decimal notation)that can be set when a file iscreated.
file_create_mode integer Specifies the permissionbits that are set when a fileis created.
create_permissions string Determines howpermissions are set for newfiles and directories in theSMB share.
mangle_map array Specifies the charactermangle map.
impersonate_user string Specifies the user accountto be used as a guestaccount.
change_notify string Specifies the level of changenotification alerts on theSMB share.
oplocks Boolean Specifies whether to supportoplocks.
allow_delete_readonly Boolean Specifies whether read-onlyfiles in the SMB share canbe deleted.
ntfs_acl_support Boolean Supports NTFS accesscontrol lists (ACLs) on filesand directories.
access_based_enumeration Boolean Enumerates only the filesand folders that therequesting user has accessto. This does not apply tothe root directory of theshare.
SMB resources
Share properties 71
Property Type Description
access_based_enumeration_root_only Boolean Specifies whether access-based enumeration is usedin the root directory of theSMB share.
host_acl array Lists the hostnames,subnets, or IP addressesthat are allowed or deniedaccess to the share. Alltypes are allowed unlessspecifically denied. It isrecommended that a denyclause be the final entry inthe list.
inheritable_path_acl string Sets an inheritable ACL onthe SMB share path.
id string Provides the system ID givento the SMB share. In a POSTrequest, this value is the IDthat refers to the item in thecollection item resourcepath.
description string Describes the SMB share.
path string Provides the path of theSMB share within /ifs.
name string Provides the SMB sharename.
csc_policy string Provides the client-sidecaching policy for the SMBshares.
browsable Boolean Ensures that the SMB shareis visible in net view and inthe browse list.
permissions permissions onpage 73
Provides the ordered list ofpermission modifications.
Run as root propertiesObject properties for run as root.
Property Type Description
id integer Provides the serialized form of the persona (such as 'UID:0','USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').
name string Provides the persona name, which must be combined with type.
type string Provides the type of persona, which must be combined with name.
SMB resources
72 OneFS 7.0.1 Platform API Reference
Permissions propertiesObject properties for permissions.
Property Type Description
permission string Provides the file system rights that are to beallowed or denied.
permission_type string Specifies whether to allow or deny thepermission.
trustee trustee on page73
A persona that consists of either a type and aname or an id.
Trustee propertiesObject properties for trustees.
Property Type Description
id integer Provides the serialized form of the persona (such as 'UID:0','USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').
name string Provides the persona name, which must be combined with type.
type string Provides the type of persona, which must be combined with name.
Open files propertiesObject properties for open files.
Property Type Description
id integer Provides the system ID given to the file. In a POST request, thisvalue is the ID used to refer to the item in the collection itemresource path.
file string Provides the path of the file within /ifs.
user string Provides the name of the user with the file opened.
locks integer Provides the number of locks the user holds on the file.
permissions string Provides the permissions on the file for the user.
Sessions propertiesObject properties for an SMB session.
Property Type Description
id integer Provides the ID for the SMB session.
computer string Provides the internet address for the client.
user string Provides the local user name.
SMB resources
Permissions properties 73
Property Type Description
client_type string Provides the client type.
openfiles integer Provides the number of files current opened by the client.
active_time integer Provides the number of seconds since the session started.
idle_time integer Provides the number of seconds since the last client operation.
guest_login Boolean When set to true, guests can log in.
encryption Boolean When set to true, the session is encrypted.
SMB resources
74 OneFS 7.0.1 Platform API Reference
CHAPTER 6
Quota resources
These resources allow users to retrieve, create, modify, or delete SmartQuotasconfigurations and settings.
u Quota license resource..........................................................................................76u Quota summary resource......................................................................................76u Quotas resource....................................................................................................77u Quota quotas notification rules resource...............................................................78u Quota reports resource..........................................................................................79u Quota about reports resource................................................................................81u Quota report settings resource..............................................................................81u Quota default notifications rules resource.............................................................82u Quota mappings settings resource........................................................................83u Quotas properties.................................................................................................84u Persona properties................................................................................................85u Usage properties...................................................................................................86u Threshold properties.............................................................................................86
Quota resources 75
Quota license resourceThis resource retrieves license information for the SmartQuotas feature.
Operation Method and URI- -Get license information for a quota GET /platform/1/quota/license
View the detailed JSON schema for the quotalicense
GET /platform/1/quota/license?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
duration integer Provides the total duration in seconds for temporary licenses.
expiration integer Provides the UNIX Epoch time when the license expires.
status array Provides the current status of the license. Possible states are:activated, evaluation, expired, inactive, and unknown.
name string Provides the name of the licensed feature.
Quota summary resourceThis resource returns summary information for file system quotas.
Operation Method and URI- -Get the quota collection summary. GET /platform/1/quota/quotas-
summary
View detailed JSON schema for the quotasummary
GET /platform/1/quota/quotas-summary?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
count integer Provides the total number of quotas.
default_group_quotas_count integer Provides the total number of default-groupquotas.
default_user_quotas_count integer Provides the total number of default-userquotas.
Quota resources
76 OneFS 7.0.1 Platform API Reference
Property Type Description
directory_quotas_count integer Provides the total number of directory quotas.
group_quotas_count integer Provides the total number of group quotas.
linked_quotas_count integer Provides the total number of user and grouptotals that are linked.
user_quotas_count integer Provides the total number of user quotas.
Quotas resourceThis resource applies the standard collection pattern to file system quotas.
Operation Method and URI- -Get one quota GET /platform/1/quota/quotas/<quota-id>
Get all quotas GET /platform/1/quota/quotas
Create a quota POST /platform/1/quota/quotas
Modify a quota PUT /platform/1/quota/quotas/<quota-id>
Delete a quota DELETE /platform/1/quota/quotas/<quota-id>
Delete all quotas DELETE /platform/1/quota/quotas
View the detailed JSON schema forall quotas
GET /platform/1/quota/quotas?describe
View the detailed JSON schema for asingle quota object
GET /platform/1/quota/quotas/<quota-id>?describe
Query Parameterspath
Only applies to quotas matching this path (see recurse_path_*).
type
Only applies to quotas matching this type.
persona
Only applies to user or group quotas that match this persona. This parameter must beused with the corresponding type argument).
include_snapshots
Only applies to quotas with the setting for include_snapshots.
enforced
Only applies to quotas with this enforcement (non-accounting).
exceeded
Only list quotas which have exceeded one or more of their thresholds.
recurse_path_parents
If used with the path argument, this parameter applies to all quotas at that path or atany parent directory.
Quota resources
Quotas resource 77
recurse_path_children
If used with the path argument, this parameter applies to all quotas at that path or atany descendent subdirectory.
report_id
Uses the named report as a source rather than the live quotas. See the quota reportsresource for a list of valid reports.
zone
An optionally named zone for user and group resolution.
resolve_names
If true, resolves group and user names in personas.
limit
Return no more than this many results at once (see resume).
resume
Continue returning results from a previous request (cannot be used with otherparameters).
Object Properties and Structure
Property Type Description
total integer Provides the total number of quotas available.
resume integer Provides the value for the resume argument to be usedfor continuation requests.
container Boolean Enables the SMB shares using the quota directory tosee the quota threshold as the share size.
quotas quotas on page84
Properties for a quota.
Quota quotas notification rules resourceThis resource applies the standard collection pattern to the notification rules for a quota.
Operation Method and URI- -Get a notification rule for aquota
GET /platform/1/quota/quotas/<quota-id>/notifications/<notification-id>
Get all notification rules for aquota
GET /platform/1/quota/quotas/<quota-id>/notifications
Create notification rules for aquota
POST /platform/1/quota/quotas/<quota-id>/notifications
Create empty overridenotification rules for a quota
PUT /platform/1/quota/quotas/<quota-id>/notifications
Modify notification rules for aquota
PUT /platform/1/quota/quotas/<quota-id>/notifications/<notification-id>
Delete notification rules for aquota
DELETE /platform/1/quota/quotas/<quota-id>/notifications/<notification-id>
Quota resources
78 OneFS 7.0.1 Platform API Reference
Operation Method and URI- -Delete all notification rules for aquota
GET /platform/1/quota/quotas/<quota-id>/notifications
View detailed JSON schema forquota notification rules
GET /platform/1/quota/quotas/<quota-id>/notifications?describe
View detailed JSON schema fora single quota notification ruleobject
GET /platform/1/quota/quotas/<quota-id>/notifications/<notification-id>?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id string Provides the system ID given to the rule. In a POSTrequest, this is the ID of the created item that refers tothe item in the collection item resource path.
action_alert string Sends an alert when the rule matches.
action_email_address string Sends an email to a specific address when the rulematches.
action_email_owner string Sends an email to the quota domain owner when therule matches.
email_template string Provides the path of the optional /ifs template fileused for email.
condition array Provides the condition that must occur on the quota totrigger notification actions. Options include: exceeded,denied, violated, expired.
holdoff integer Provides the time to wait between detections for rulesthat are triggered by user actions.
Quota reports resourceThis resource applies the standard collection pattern to quota reports.
Operation Method and URI- -Get a quota report GET /platform/quota/reports/<report-
id>?contents
Get all quota reports GET /platform/quota/reports
Create a quota report POST /platform/quota/reports/<report-id>?contents
Quota resources
Quota reports resource 79
Operation Method and URI- -Delete a quota report DELETE /platform/quota/reports/<report-
id>
View detailed JSON schema aboutquota reports.
GET /platform/quota/reports?describe
View detailed JSON schema about asingle quota reports object.
GET /platform/quota/reports/<report-id>?describe
Query parameterstype
Only applies to reports matching this type.
generated
Applies to reports that match the source type (scheduled, manual, or all).
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from a previous request (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of reports available.
id string Provides the system ID given to the report. In a POST request, thisvalue is the ID that refers to the created item in the collection itemresource path.
generated string Indicates whether the report was generated manually (live) orscheduled.
type string Indicates whether the report is a summary report or detail report.
resume string Provides the value of the resume argument to be used forcontinuation calls.
time integer Provides the UNIX Epoch time that the report was generated.
Quota resources
80 OneFS 7.0.1 Platform API Reference
Quota about reports resourceThis resource applies the standard system object pattern to return metadata forindividual quota reports.
Operation Method and URI- -Get metadata about a report GET /platform/1/quota/reports/<report-id>/
about
View detailed JSON schema forabout reports
GET /platform/1/quota/reports/<report-id>/about?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id string Provides the system ID given to the report. In a POST request, this isthe ID of the created item that refers to the item in the collectionitem resource path.
generated string Indicates whether the report was generated manually (live) or by aschedule.
type string Indicates whether the report is a summary report or detail report.
time integer Provides the UNIX Epoch time the report was taken.
Quota report settings resourceThis resource applies the standard system object pattern to quota report settings.
Operation Method and URI- -Get quota report settings GET /platform/1/quota/settings/
reports
Modify quota report settings PUT /platform/1/quota/settings/reports
View the detailed JSON schema about reportsettings
GET /platform/1/quota/settings/reports?describe
Query parametersThere are no parameters for this resource.
Quota resources
Quota about reports resource 81
Object properties
Property Type Description
id string The system ID given to the rule. In a POST request, this isthe ID of the created item that is used to refer to the item inthe collection item resource path
live_dir string Provides the directory on /ifs where manual or live reportsare placed.
live_retain integer Provides the number of manual reports to keep.
schedule string Provides the isidate schedule used to generate reports.
scheduled_dir string Provides the directory on /ifs where schedule reports areplaced.
scheduled_retain integer Provides the number of scheduled reports to keep.
schedule string Provides the schedule for repeated notification rules.
threshold integer Provides the detected quota threshold.
Quota default notifications rules resourceThis resource applies the standard collection pattern to default quota notification rules.
Operation Method and URI- -Get default global notification rules GET /platform/1/quota/settings/
notifications/<notification-id>or GET /platform/1/quota/quotas/<report-id>/notifications
Get a default global notification rule GET /platform/1/quota/settings/notifications/<notification-id>or GET /platform/1/quota/quotas/<report-id>/notifications
Create a default global notificationrule
POST /platform/1/quota/settings/notifications/<notification-id>or POST /platform/1/quota/quotas/<report-id>/notifications/<notification-id>
Modify a default global notificationrule
PUT /platform/1/quota/settings/notifications/<notification-id>or PUT /platform/1/quota/quotas/<report-id>/notifications/<notification-id>
Delete default global notificationrules
DELETE /platform/1/quota/settings/notificationsor DELETE /platform/1/quota/quotas/<report-id>/notifications
Quota resources
82 OneFS 7.0.1 Platform API Reference
Operation Method and URI- -Delete a default global notificationrule
DELETE /platform/1/quota/settings/notifications/<notification-id>or DELETE /platform/1/quota/quotas/<report-id>/notifications/<notification-id>
View the detailed JSON schemaabout global notification rules
GET /platform/1/quota/settings/notifications?describe
View the detailed JSON schemaabout a global notification rule
GET /platform/1/quota/settings/notifications/<notification-id>?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id string Provides the system ID given to the rule. In a POSTrequest, this is the ID of the created item that refers tothe item in the collection item resource path.
action_alert string Sends an alert when the rule matches.
action_email_address string Sends an email to a specific address when the rulematches.
action_email_owner string Sends an email to the quota domain owner when therule matches.
email_template string Provides the path of the optional /ifs template fileused for email.
condition array Provides the condition that must occur on the quota totrigger notification actions. Options consist of:exceeded, denied, violated, and expired.
holdoff integer Provides the time to wait between detections for rulestriggered by user actions.
schedule string Provides the schedule for repeated notification rules.
threshold integer Provides the detected quota threshold.
Quota mappings settings resourceThis resource applies the standard collection pattern to quota notification email mappingrules.
Operation Method and URI- -Get quota email mapping settings GET /1/quota/settings/mappings
Quota resources
Quota mappings settings resource 83
Operation Method and URI- -Create quota email mapping settings POST /1/quota/settings/mappings/
<domain>
Modify quota email mapping setting PUT /1/quota/settings/mappings/<domain>
Delete a quota email mapping setting DELETE /1/quota/settings/mappings/<domain>
Delete all quota email mapping settings DELETE /1/quota/settings/mappings
View the detailed JSON schema for quotaemail mapping settings
GET /1/quota/settings/mappings?describe
View the detailed JSON schema for a quotaemail mapping settings object
GET /1/quota/settings/mappings/<domain>?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id integer Provides the system ID given to the domain. In a POST request, thisis the ID of the created item that refers to the item in the collectionitem resource path.
domain string Provides the fully qualified domain name of the source domain tomap.
mapping string Provides the fully qualified domain name of the destination domainto map to.
type array Provides the authentication provider type. Options include: ADS,local, NIS, LDAP, and file.
Quotas propertiesObject properties for quotas.
Property Type Description
id string Provides the system ID given to thequota. In a POST request, this is the IDof the created item that refers to theitem in the collection item resourcepath.
enforced Boolean True if the quota providesenforcement, otherwise an accountingquota.
Quota resources
84 OneFS 7.0.1 Platform API Reference
Property Type Description
force string Forces the creation of quotas on theroot of /ifs.
include_snapshots Boolean True if the quota governs snapshotdata as well as head data.
linked Boolean True if the quota for a user or group islinked and controlled by a parentdefault-* quota. Linked quotas cannotbe modified until they are unlinked.
notifications array Provides a summary of notifications:custom indicates that one or morenotification rules are available fromthe notifications sub-resource; defaultindicates that the system default rulesare used; disabled indicates that nonotifications are used for this quota.
path string The /ifs path governed.
ready Boolean True if the accounting is accurate onthe quota. If false, this quota iswaiting on the completion of aQuotaScan job.
thresholds_include_overhead Boolean True if thresholds apply to the dataplus file system overhead that isrequired to store the data (such asphysical usage).
type array Provides the type of quota.
persona persona onpage 85
Properties for a persona. A personaconsists of either a name and a type oran id.
usage usage on page86
Properties for quota usage.
thresholds threshold onpage 86
Properties for quota thresholds.
Persona propertiesObject properties for personas.
Property Type Description
id integer Provides the serialized form of the persona (such as 'UID:0','USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').
name string Provides the persona name, which must be combined with a type.
type string Provides the type of persona, which must be combined with a name.
Quota resources
Persona properties 85
Usage propertiesObject properties for quota usage.
Property Type Description
inodes integer Provides the number of inodes (file system entities) used bygoverned data.
logical integer Provides the apparent bytes used by governed data.
physical integer Provides the bytes used for governed data and file system overhead.
Threshold propertiesObject properties for quota thresholds.
Property Type Description
advisory integer Provides the usage bytes at which notifications are sentbut writes are not denied.
advisory_exceeded Boolean True if the advisory threshold was hit.
hard integer Provides the usage bytes at which further writes aredenied.
hard_exceeded Boolean True if the hard threshold was hit.
soft integer Provides the usage bytes at which notifications are sentand soft grace time is started.
soft_exceeded Boolean True if the soft threshold was hit.
soft_grace integer Provides the time in seconds after which the softthreshold is hit and before writes are denied.
Quota resources
86 OneFS 7.0.1 Platform API Reference
CHAPTER 7
Snapshot resources
These resources allow users to retrieve, create, modify, or delete snapshot configurationsand settings.
u Snapshot license resource....................................................................................88u Snapshot summary resource.................................................................................88u Snapshots resource..............................................................................................89u Snapshot schedules resource...............................................................................90u Snapshot locks resource.......................................................................................91u Snapshot pending resource...................................................................................92u Snapshot settings resource...................................................................................93u Snapshot properties..............................................................................................94u Schedules properties............................................................................................95u Lock properties.....................................................................................................95u Pending properties................................................................................................95
Snapshot resources 87
Snapshot license resourceThis resource retrieves license information for SnapshotIQ.
Operation Method and URI- -Get license information for SnapshotIQ GET /platform/1/snapshot/license
View the detailed JSON schema for snapshotslicense
GET /platform/1/snapshot/license?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
duration integer Provides the total duration in seconds for temporary licenses.
expiration integer Provides the UNIX Epoch time when the license expires.
status array Provides the current status of the license. Possible states are:activated, evaluation, expired, inactive, and unknown.
name string Provides the name of the licensed feature.
Snapshot summary resourceThis resource returns summary information for file system snapshots.
Operation Method and URI- -Get the snapshot summary GET /platform/1/snapshot/
snapshots-summary
View the detailed JSON schema for snapshotsummary
GET /platform/1/snapshot/snapshots-summary?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
count integer Provides the total number of snapshots.
active_count integer Provides the total number of snapshots that are not aliases orpending for deletion.
deleting_count integer Provides the total number of snapshots that are pending fordeletion.
Snapshot resources
88 OneFS 7.0.1 Platform API Reference
Property Type Description
aliases_count integer Provides the total number of snapshot aliases.
shadow_bytes integer Provides the number of bytes in a snapshot that arereferenced in a shadow store.
size integer Provides the sum of sizes in bytes of all snapshots.
active_size integer Provides the sum of sizes of snapshots that are not aliases orpending for deletion.
deleting_size integer Provides the sum of sizes of snapshots that are pending fordeletion.
Snapshots resourceThis resource applies the standard collection pattern to file system snapshots.
Operation Method and URI- -Get a single snapshot GET /platform/1/snapshot/snapshots/<id|
snapshot name>
Get a list of snapshots GET /platform/1/snapshot/snapshots
Create a snapshot POST /platform/1/snapshot/snapshots
Modify a snapshot PUT /platform/1/snapshot/snapshots/<id|snapshot name>
Delete a snapshot DELETE /platform/1/snapshot/snapshots/<id|snapshot name>
Delete all snapshots DELETE /platform/1/snapshot/snapshots
View the detailed JSON schemafor a single snapshot object
GET /platform/1/snapshot/snapshots/<id|snapshot name>?describe
View the detailed JSON schemafor snapshots
GET /platform/1/snapshot/snapshots?describe
Query parameterssort
Order results by this field; options consist of id, name, path, created, expires, size,has_locks, schedule, alias_target, alias_target_name, pct_filesystem, pct_reserve,and state. The default value is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
schedule
Only list snapshots that were created by this schedule.
type
Only list snapshots that match this type.
state
Snapshot resources
Snapshots resource 89
Only list snapshots that match this state (such as active).
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous request (cannot be used with otherparameters).
Object properties
Property Type Description
total integer Provides the total number of items available.
resume string Provides the value for the resume argument to beused for continuation requests.
snapshots snapshots on page 94 Properties for a snapshot.
Snapshot schedules resourceThis resource applies the standard collection pattern to snapshot schedules.
Operation Method and URI- -Get a single snapshot schedule GET /platform/1/snapshot/schedules/<id|
schedule name>
Get a list of snapshot schedules GET /platform/1/snapshot/schedules
Create a snapshot schedule POST /platform/1/snapshot/schedules
Modify a snapshot schedule PUT /platform/1/snapshot/schedules/<id|schedule name>
Delete a snapshot schedule DELETE /platform/1/snapshot/schedules/<id|schedule name>
Delete all snapshot schedules DELETE /platform/1/snapshot/schedules
View the detailed JSON schemafor a single snapshot scheduleobject
GET /platform/1/snapshot/schedules/<id|schedule name>?describe
View the detailed JSON schemafor snapshot schedules
GET /platform/1/snapshot/schedules?describe
Query parameterssort
Order results by this field; options consist of id, name, path, pattern, schedule,duration, alias, next_run, and next_snapshot. The default option is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultsetting is ascending.
limit
Return no more than this many results at one time (see resume).
Snapshot resources
90 OneFS 7.0.1 Platform API Reference
resume
Continue returning results from previous request (cannot be used with other options).
Object properties
Property Type Description
total integer Provides the total number of schedules to display.
resume string Provides the value for the resume argument to beused for continuation requests.
schedules schedules on page 95 Properties for snapshot schedules.
Snapshot locks resourceThis resource applies the standard collection pattern to locks on an individual snapshot.
Operation Method and URI- -Get a single lock on asnapshot
GET /platform/1/snapshot/snapshots/<snapshot-name|id>/locks/<lock-id>
Get a list of locks on asnapshot
GET /platform/1/snapshot/snapshots/<id|snapshot name>/locks
Create a lock on a snapshot POST /platform/1/snapshot/snapshots/<snapshot-name|id>/locks
Modify a lock on a snapshot PUT /platform/1/snapshot/snapshots/<snapshot-name|id>/locks/<lock-id>
Remove a lock from asnapshot
DELETE /platform/1/snapshot/snapshots/<lock-id>/locks
View the detailed JSONschema for a single snapshotlock object
GET /platform/1/snapshot/snapshots/<snapshot-name|id>/locks/<lock-id>?describe
View the detailed JSONschema for snapshot locks
GET /platform/1/snapshot/snapshots/<id|snapshot name>/locks?describe
Query parameterssort
Order results by this field; options consist of id, expires, and comment. The defaultoption is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The defaultoption is ascending.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from previous request (cannot be used with otherparameters).
Snapshot resources
Snapshot locks resource 91
Object properties
Property Type Description
total integer Provides the number of items available.
resume string Provides the value for the resume argument to be usedfor continuation calls.
locks locks on page 95 Properties for a lock on a snapshot.
Snapshot pending resourceThis resource applies the standard collection pattern to snapshots that will be generatedby a snapshot schedule.
Operation Method and URI- -Get a list of scheduled pending snapshots GET /platform/1/snapshot/pending
View the detailed JSON schema for pendingsnapshots
GET /platform/1/snapshot/pending?describe
Query parametersschedule
Limit output only to the named schedule.
begin
UNIX Epoch time to start generating matches. The default option is now.
end
UNIX Epoch time to end generating matches. The default option is forever.
limit
Return no more than this many results at once (see resume).
resume
Continue returning results from a previous request (cannot be used with otherparameters.)
Object propertiesresume
Property Type Description
resume string Provides the value for the resume argument to beused for continuation requests.
pending pending on page 95 Properties for pending snapshots.
Snapshot resources
92 OneFS 7.0.1 Platform API Reference
Snapshot settings resourceThis resource applies the standard settings pattern to global snapshot settings.
Operation Method and URI- -Get the current snapshot settings GET /platform/1/snapshot/settings
Modify the current snapshot settings PUT /platform/1/snapshot/settings
View the detailed JSON schema for snapshotsettings
GET /platform/1/snapshot/settings?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
service Boolean True if the system allows snapshot creation.
autocreate Boolean True if the scheduled snapshot creation services isenabled.
autodelete Boolean True if the scheduled snapshot deletion services isenabled.
reserve integer Sets the percentage of space to reserve forsnapshots.
global_visible_accessible Boolean Enables a global switch for accessibility andvisibility settings of snapshot directories.
nfs_root_accessible Boolean True if the root .snapshot directory is accessibleover NFS.
nfs_root_visible Boolean True if the root .snapshot directory is visible overNFS.
nfs_subdir_accessible Boolean True if the subdirectory .snapshot directories areaccessible over NFS.
local_root_accessible Boolean True if the root .snapshot directory is accessiblelocally.
local_root_visible Boolean True if the root .snapshot directory is visiblelocally.
local_subdir_accessible Boolean True if the subdirectory .snapshot directories areaccessible locally.
smb_root_accessible Boolean True if the root .snapshot directory is accessibleover SMB.
smb_root_visible Boolean True if the root .snapshot directory is visible overSMB.
Snapshot resources
Snapshot settings resource 93
Property Type Description
smb_subdir_accessible Boolean True if the subdirectory .snapshot directories areaccessible over SMB.
Snapshot propertiesObject properties for snapshots.
Property Type Description
id integer Provides the system ID that is given to the snapshot. ThisID is useful for tracking the status of delete pendingsnapshots, because after being marked for deletion, asnapshot can no longer be referenced by name. In a POSTrequest, this value is the ID that refers to the item in thecollection item resource path.
name string Provides the user or system supplied snapshot name.This value is null for snapshots that are pending delete.
shadow_bytes integer Provides the number of bytes in a snapshot that isreferenced in a shadow store.
schedule string Provides the name of the schedule used to create thissnapshot, if applicable.
created integer Provides the Unix Epoch time the snapshot was created.
expires integer Provides the Unix Epoch time the snapshot expires and iseligible for automatic deletion.
path string Provides a snapshot of the /ifs path.
size integer Provides the amount of storage (in bytes) used to storethis snapshot.
pct_filesystem integer Provides the percentage of the /ifs directory that isstoring this snapshot.
pct_reserve integer Provides the percentage of the configured snapshot thatis reserved to store this snapshot.
alias_target integer Provides the ID of the snapshot pointed to if this value isan alias.
alias_target_name string The name of the snapshot pointed to if this value is analias.
has_locks Boolean True if the snapshot has one or more locks present. Seethe locks resource of a snapshot for a list of locks.
state string Provides the snapshot state. The options are active ordeleting.
Snapshot resources
94 OneFS 7.0.1 Platform API Reference
Schedules propertiesObject properties for schedules.
Property Type Description
id integer Provides the system ID given to the schedule. In a POSTrequest, this value is the ID that refers to the item in thecollection item resource path.
name string Provides the name of the schedule.
pattern string Creates names for snapshot schedules according to a patternwith the strftime function.
path string Provides the path to take a snapshot of.
schedule string Provides the isidate compatible natural language descriptionof the schedule.
duration integer Provides the amount of time before a snapshot isautomatically deleted by a schedule.
alias string Provides the alternative name to create for each snapshot.
next_run integer Provides the UNIX Epoch time of next snapshot to be created.
next_snapshot string Provides the formatted name of the next snapshot to becreated.
Lock propertiesObject properties for locks.
Property Type Description
id integer Provides the system generated lock ID. In a POST request, this valuerefers to the item in the collection item resource path.
comment string Provides the user-supplied lock comment.
expires integer Provides the UNIX Epoch time the snapshot lock expires and iseligible for automatic deletion.
Pending propertiesObject properties for pending snapshots.
Property Type Description
id string Provides the system supplied unique ID used for sorting and paging.
schedule string Provides the name of the schedule that created this snapshot.
time integer Provides the UNIX Epoch time the snapshot will be created.
snapshot string Provides the system snapshot name formed from the scheduleformate.
Snapshot resources
Schedules properties 95
Property Type Description
path string Provides the /ifs path of the snapshot that is taken.
Snapshot resources
96 OneFS 7.0.1 Platform API Reference
CHAPTER 8
Zones resources
These resources allow users to retrieve, create, modify, or delete access zoneconfigurations and settings.
u Zones summary resource......................................................................................98u Zones resource......................................................................................................98u Zone persona properties.......................................................................................99
Zones resources 97
Zones summary resourceThis resource returns summary information for access zones.
Operation Method and URI- -Get the zones summary GET /platform/1/zones-summary
View detailed JSON schema for the zonessummary
GET /platform/1/zones-summary?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
count integer Provides the total number of zones.
Zones resourceThis resource applies the standard collection pattern to access zones.
Operation Method and URI- -Get one zone GET /platform/1/zones/<zone-id>
Get all zones GET /platform/1/zones
Create a zone POST /platform/1/zones
Modify a zone PUT /platform/1/zones/<zone-id>
Delete a zone DELETE /platform/1/zones/<zone-id>
View the detailed JSON schema for all zones GET /platform/1/zones?describe
View the detailed JSON schema for a singlezone object
GET /platform/1/zones/<zone-id>?describe
Query parametersThere are no parameters for this resource.
Object properties
Property Type Description
id string Provides the system ID for the zone. In aPOST request, this value is the ID thatrefers to the item in the collection itemresource path.
Zones resources
98 OneFS 7.0.1 Platform API Reference
Property Type Description
all_auth_providers Boolean Enables all authentication providers thatare available.
all_smb_shares Boolean Enables all SMB shares that areavailable.
alternate_system_provider string Provides an alternate system provider.
auth_providers array Provides the list of authenticationproviders used on this zone.
cache_size integer Specifies the maximum size of zone in-memory cache.
home_directory_umask integer Provides the permissions set onautomatically created user homedirectories.
local_provider Boolean Enables the local provider.
map_untrusted string Maps untrusted domains to the NetBIOSdomain during authentication.
name string Provides the zone name.
netbios_name string Provides the NetBIOS name.
skeleton_directory string Provides the skeleton directory that isused for user home directories.
smb_shares array Provides the list of SMB share namesavailable within this zone.
system Boolean Indicates whether the zone is built-in.
system_provider string Provides the system provider for thezone.
user_mapping_rules array Provides the current ID mapping rules.
zone_id integer Provides the zone ID on the system.
ifs_restricted persona onpage 99
Returns an array of persona objects.
Zone persona propertiesObject properties for zone personas.
Property Type Description
id integer The serialized form of the zone (such as 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').
name string The persona name, which must be combined with type.
type string The type of persona, which must be combined with name.
Zones resources
Zone persona properties 99
Zones resources
100 OneFS 7.0.1 Platform API Reference