The Symantec Data Insight Fpolicy server can register with the NetApp vfiler and receive file access events from it. Fpolicy has to be enabled and configured on that NetApp vfiler manually.
To configure the Fpolicy on the NetApp vfiler using manual steps
To get the vfiler name:
vfiler status
Choose the name of the vfiler that you want to configure and then perform the following operations for that vfiler. Ignore the name, vfiler0, which is the default name given to the physical filer by NetApp.
To create a policy:
vfiler run vfilername fpolicy create matpol screen
To enable a policy:
vfiler run vfilername fpolicy enable matpol -f
To set the Fpolicy for CIFS to monitor specific events:
vfiler run vfilername fpolicy mon add matpol -p cifs -f write,open,close,delete,rename,create
To set Fpolicy for NFS to monitor specific events:
vfiler run vfilername fpolicy mon add matpol -p nfs -f create, delete,rename,write,open,link,symlink,setattr
To set the Fpolicy for CIFS to monitor specific events on NetApp filer versions 7.3 or higher:
Enable set attributes operation:
vfiler run vfilername fpolicy options cifs_setattr on
vfiler run vfilername fpolicy options nfs_setattr on
Add events to be monitored:
vfiler run vfilername fpolicy mon add matpol -p cifs -f write,open,close,delete,rename,create,setattr
vfiler run vfilername fpolicy mon add matpol -p nfs -f create, delete,rename,write,open,link,symlink,setattr
To see details of a configured policy:
vfiler run vfilername fpolicy show matpol
To disable monitoring of specific events:
vfiler run vfilername fpolicy mon remove matpol -p cifs -f write,open,close,delete,rename,create
vfiler run vfilername fpolicy mon remove matpol -p nfs -f create, delete,rename,write,open,link,symlink,setattr
To disable use of a policy:
vfiler run vfilername fpolicy disable matpol
To delete a policy:
vfiler run vfilername fpolicy destroy matpol
where, vfilername is the name of the vfiler you want to configure.
vfiler run vfilername useradmin domainuser add domain-username -g Administrators
To configure a non-administrator user:
vfiler run vfilername useradmin domainuser list -g Administrators
A list with the SIDs of the configured domain users appears. To resolve the SIDs, run the following command:
cifs lookup SID