Onefs Platform Api Reference 7 0 1 PDF

Isilon
OneFS
Version 7.0.1
Platform API Reference
Published December, 2012

Copyright 2001 - 2012 EMC Corporation. All rights reserved.
EMC believes the information in this publication is accurate as of its publication date. The information is subject to change
without notice.
The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with
respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a
particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable
software license.
EMC, EMC, and the EMC logo are registered trademarks or trademarks of EMC Corporation in the United States and other
countries. All other trademarks used herein are the property of their respective owners.
For the most up-to-date product documentation, go to the Isilon Customer Support Center.
EMC Corporation
Hopkinton, Massachusetts 01748-9103
1-508-435-1000 In North America 1-866-464-7381
www.EMC.com
OneFS 7.0.1 Platform API Reference
CONTENTS
Chapter 1
Introduction to the Platform API
API architecture ..............................................................................................8

HTTP methods...........................................................................................8
Interaction patterns..................................................................................8
Platform API self-documentation.............................................................11
Access Control..............................................................................................12
HTTP Basic Authentication......................................................................12
Configure a session cookie.....................................................................12
Chapter 2
Platform API session resource
15
Create a session............................................................................................16
Send a request using a session cookie..........................................................16
Get information about the current session.....................................................16
Log out of a session......................................................................................16
Chapter 3
Authentication resources
19
Auth user security token resource..................................................................20

Auth groups resource....................................................................................21
Auth groups members resource.....................................................................22
Auth users resource......................................................................................23
Auth users member of resource.....................................................................24
Auth netgroups resource...............................................................................25
Auth mapping users rules resource...............................................................25
Auth mapping users lookup resource............................................................26
Auth providers summary resource.................................................................26
Auth ADS providers resource.........................................................................27
Auth ADS providers domains resource...........................................................29
Auth ADS providers controllers resource........................................................30
Auth ADS providers search resource..............................................................31
Auth file providers resource...........................................................................32
Auth LDAP providers resource.......................................................................34
Auth local providers resource........................................................................37
Auth NIS providers resource..........................................................................39
Auth roles resource.......................................................................................41
Auth roles members resource........................................................................42
Auth roles privileges resource.......................................................................42
Auth global settings resource........................................................................43
Auth shells resource......................................................................................44
Auth wellknowns resource.............................................................................45
Persona properties........................................................................................45
Privilege properties.......................................................................................45
Groups properties.........................................................................................46
Users properties............................................................................................46
Domain properties........................................................................................48
Option properties..........................................................................................48
Roles properties............................................................................................48
CONTENTS
Chapter 4
NFS resources
49
NFS exports summary resource......................................................................50

NFS export resource......................................................................................50
NFS NLM locks resource................................................................................51
NFS NLM lock waiters resource......................................................................52
NFS NLM sessions resource...........................................................................53
NFS default export settings resource.............................................................53
NFS global settings resource.........................................................................56
NFS exports configuration check resource.....................................................57
NFS reload resource......................................................................................57
NFS export properties....................................................................................58
NLM locks properties.....................................................................................61
NLM waiter properties...................................................................................61
NLM session properties.................................................................................62
NFS map properties.......................................................................................62
Chapter 5
SMB resources
63
SMB shares summary resource.....................................................................64

SMB shares resource.....................................................................................64
SMB open files resource................................................................................65
SMB sessions resource.................................................................................66
SMB share settings resource.........................................................................67
SMB global settings resource........................................................................69
Share properties...........................................................................................70
Run as root properties...................................................................................72
Permissions properties..................................................................................73
Trustee properties.........................................................................................73
Open files properties.....................................................................................73
Sessions properties......................................................................................73
Chapter 6
Quota resources
75
Quota license resource..................................................................................76

Quota summary resource..............................................................................76
Quotas resource............................................................................................77
Quota quotas notification rules resource.......................................................78
Quota reports resource..................................................................................79
Quota about reports resource........................................................................81
Quota report settings resource......................................................................81
Quota default notifications rules resource.....................................................82
Quota mappings settings resource................................................................83
Quotas properties.........................................................................................84
Persona properties........................................................................................85
Usage properties...........................................................................................86
Threshold properties.....................................................................................86
Chapter 7
Snapshot resources
87
Snapshot license resource............................................................................88

Snapshot summary resource.........................................................................88
Snapshots resource......................................................................................89
Snapshot schedules resource.......................................................................90
Snapshot locks resource...............................................................................91
Snapshot pending resource...........................................................................92
4
CONTENTS
Snapshot settings resource...........................................................................93

Snapshot properties......................................................................................94
Schedules properties....................................................................................95
Lock properties.............................................................................................95
Pending properties........................................................................................95
Chapter 8
Zones resources
97
Zones summary resource..............................................................................98

Zones resource..............................................................................................98
Zone persona properties...............................................................................99
CONTENTS
CHAPTER 1
The Isilon OneFS Platform API provides access to cluster configuration, management, and
monitoring functionality through an HTTP-based interface that conforms to the principles
of Representation State Transfer (REST) architecture. Through this interface, cluster
administrators can develop clients and software to automate the management and
monitoring of their EMC Isilon storage systems.
The Platform API represents system configuration and status information through objects
and collections of objects. These objects and collections are exposed as resources,
which are represented by Uniform Resource Identifiers (URIs). Resources are manipulated
using standard HTTP methods (GET, POST, PUT, and DELETE). The representations of
objects and collections are exchanged between client software and the cluster as
JavaScript Object Notation (JSON) formatted documents.
You must have a solid understanding of HTTP/1.1, RFC2616 and experience
writing HTTP-based client software before you can implement the Platform API.
The following table provides definitions for terms that are relevant to understanding the
Platform API.
Object
An object is a logical grouping of system

configuration data. An object can be created by
users or an object can be a global setting on the
system.
For example, a user-created object can be a file
system snapshot, quota, share, export, block
storage target, logical unit, sync policy, job
impact policy, and so on.
An object can also be a system global setting
such as job engine settings, default share
settings, HTTP server settings, snapshot
subsystem settings, and so on.
Collection
A collection represents a group of the same or

similar types of objects. For example, all of the
user-defined quotas in the system make up a
collection of quotas.
Resource
A resource is an object, collection, or data

processing facility that is accessible by a URI
through the Platform API.
u
u
API architecture ......................................................................................................8

Access Control......................................................................................................12
API architecture
The Platform API URIs and HTTP methods are organized into patterns that provide support
for manipulating objects and collections.
Much of cluster administration involves reading, creating, modifying, and deleting
configuration information. Typically, configuration information is arranged into groups of
related settings and properties called objects; similar objects are further organized into
collections.
A system object represents global system configuration information and is not part of a
collection. A user object represents configurations that are defined by users; these
objects are typically organized into a collection.
HTTP methods
You can perform operations by applying HTTP methods to resource URIs.
The Platform API only implements the HTTP methods defined by RFC 2616, with the
following distinctions:
u
The POST method is generally used to create resources.
u
The PUT method enables partial modification of a resource through partial

representation.
The PUT and POST methods do not return full resource entity bodies upon success.
The POST method returns a document indicating the success of the request and the
location of the created resource.
Interaction patterns
You can interact with the system configuration by applying HTTP methods to resource
URIs according to a set of usage patterns.
The Platform API supports a maximum URI length of 8,198 characters.
When making multiple changes to the Platform API, it is recommended that users
send all requests to a single node to avoid potential configuration collisions.
Read a system object

You can directly manipulate configuration objects where the object has a unique
identifier; the identifier is the URL that represents the direct path to that object.
Pattern:
GET /<resource-version>/<namespace>/<object-id>
Request:
GET /<resource-version>/<namespace>/<object-id>
Response:
Content-Type: application/json
{
"<object>": {
"<property>": <value>,
...
}
}
Modify a system object

You can partially modify objects by allowing the client to send a partial representation of
the properties. Only the properties included in the representation are modified on the
resource, which leaves all other unspecified properties in their current state.
Pattern: PUT /<resource-version>/<namespace>/<object-id>
Request:
PUT /<resource-version>/<namespace>/<object-id>
{
"<property>": <value>
...
}
Response:
{Standard JSON success or error response}
Read an entire collection

You can read all of the objects in a collection through the GET method.
Pattern:
GET /<resource-version>/<namespace>/<collection-name>
Request:
GET /<resource-version>/<namespace>/<collection-name>
Response:
{
"<collection>": [
...
]
}
Read an object from a collection

You can read individual objects in a collection through the GET method. The pattern to
read an individual object in a collection is the same as the pattern to read a system
object, with the addition of a collection name in the URI.
Pattern:
GET <resource-version>/<namespace>/<collection-name>/<object-id>
Request:
GET /<resource-version>/<namespace>/<collection-name>/<object-id>
Response:
{
"<collection>": [
...
]
Interaction patterns
Create an object in a collection

You can create an object in a collection through the POST method. The system
determines the final URI where the new object is located.
Pattern:
POST /<resource-version>/<namespace>/<collection-name>
Request:
POST /<resource-version>/<namespace>/<collection-name>
{
"<property>": <value>,
...
}
Response:
Location:/<resource-version>/<namespace>/<collection-name>/<newobject-id>
Modify an object in a collection

You can modify an object in a collection through the PUT method. The pattern to modify
an object in a collection is the same as the pattern to modify a system object, with the
addition of a collection name in the URI.
Pattern:
PUT /<resource-version>/<namespace>/<collection-name>/<object-id>
Request:
PUT /<resource-version>/<namespace>/<collection-name>/<object-id>
{
"parameter_name": <value>
...
}
Response:
Delete an object from a collection

You can delete an object from a collection through the DELETE method.
Pattern:
DELETE /<resource-version>/<namespace>/<collection-name>/<object>
Request:
DELETE /<resource-version>/<namespace>/<collection-name>/<object-id>
Response:
10
Filter a collection
You can apply a filter to a collection and retrieve objects from the collection that matches
some common criteria.
Pattern: GET /<resource-version>/<namespace>/<collection-name>?
<parameter_name> =<match-pattern>&...
Request:
GET /<resource-version>/<namespace>/<collection-name>?
<parameter_name>=<match-pattern>&...
Response:
{
"count": <integer>,
"<collection-name>": [
{
"<parameter-name>":
<matched-value>,
...
},
...
]
}
Platform API self-documentation

The Platform API contains detailed self-documentation about API resources, including URI
descriptions, query arguments, allowable HTTP methods, and the request and response
JSON representation structures that are available.
You can access the Platform API self-documentation by sending a GET request to any
resource URI with the describe query parameter appended to the end of the URI. The selfdocumentation text available for that resource is returned.
For example, to obtain self-documentation for the quotas resource, send the following
request:
GET /platform/1/quota/quotas?describe
You can retrieve a list of all of the resources by appending list and all options to the
describe query parameter.
For example, to return a list of all resource paths for snapshots, send the following
request:
GET /platform/1/snapshot/snapshots?describe&list&all
HTTP_RESULT 200
{
"directory": [
"/1/snapshot/snapshots/<SID>",
"/1/snapshot/snapshots/<SID>/locks",
"/1/snapshot/snapshots/<SID>/locks/<LID>"
]
}
You can obtain the JSON schemas that are included in the self-documentation by sending
a GET request to any resource URI with the query parameters describe and json appended
to the end of the URI.
For example, to obtain the JSON-formatted schemas for the quotas resource, send the
following request:
GET /platform/1/quota/quotas?describe&json
Platform API self-documentation
11
If you include any values for either the describe or json parameters, the values are
ignored.
The JSON-formatted schema documents conform to RFC draft-zyp-jsonschema-03.
Access Control
You can access the Platform API resources through the HTTPS protocol on TCP port 8080.
All Platform API resources are provided under a top-level /platform URI path that is
available on all nodes in the cluster.
Resources are accessed through the following pattern:
https://<cluster-ip-or-host-name>:8080/<resource-uri>.
Access to Platform API resources requires user authentication and authorization. The
Platform API uses role-based access control; users can only access resources for which
they have privileges.
Users can authenticate to the Platform API either through HTTP Basic Authentication (as
defined by RFC 2617) or with a session, which is obtained through the Platform API
session resource.
HTTP Basic Authentication requires more system processing resources and is slower than
authenticating with a session cookie. For multiple requests over a period of time, it is
recommended that you create a session cookie.
HTTP Basic Authentication

You can authenticate to the Platform API through HTTP Basic Authentication. With HTTP
Basic Authentication, you must create a standard Authorization header and send the
request to the server with a valid username and password. If your username and
password are authenticated by the server, you are able to access that resource.
The following example shows a sample HTTP Basic Authentication request.
GET /platform/1/protocols/nfs/exports HTTP/1.1
Host: onefs.cluster.hostname
Authorization: Basic QWxhZGRpbjpvcGVuIHN1c2FtZQ==
HTTP Basic Authentication conforms to RFC 2617, section 2.
Configure a session cookie

You can configure a session cookie by sending credentials to a session service resource,
which responds with a Set-Cookie header. The Set-Cookie header contains an
authentication token that can then be sent to the Platform API on subsequent requests to
provide immediate authentication. Effectively, the Platform API creates a stateless
session on the cluster, which maintains the authenticated state for a period of time.
Session cookies are specific to a single node; all requests must be made to the same
node from which the session cookie was obtained.
HTTP Set-Cookie and Cookie headers conform to RFC 6265.
1. Create a JSON entity body, including the username, password, and any other
authentication information.
2. Create a session entity through the POST method.
POST <JSON entity> /platform/session/1/sessions
12
If the server validates the username and password, the server responds with a SetCookie header. Otherwise, the server responds with an error document.
3. Obtain the isisessid value from the Set-Cookie header.
4. Include the Cookie: <isisessid> header in all future Platform API requests to that
node.
Configure a session cookie
13
14
CHAPTER 2
You can set a session cookie for extended authentication on a single node.
Object parameters
There are no parameters for this resource.
Object properties
Property
Type
Description
username
string
Provides the username requesting access to the cluster.
password
string
Provides the password for the username requesting access

to the cluster.
services
array
Provides a list of Platform API services to obtain access to.
timeout_absolute integer Provides the number of seconds before the session expires.
timeout_inactive
u
u
u
u
integer Provides the number of seconds of inactivity before the

session expires.
Create a session....................................................................................................16
Send a request using a session cookie..................................................................16
Get information about the current session.............................................................16
Log out of a session..............................................................................................16
15
Create a session
You can create a session and extend your authentication to a node for multiple requests
over a period of time.
Request:
POST /session/1/session
{
"username": "<string>",
"password": "<string>",
"services": ["<string>"]
If the credentials validate, the following steps occur.

1. The server responds by sending the Set-Cookie: header with an isisessid value.
2. The client parses the cookie according to the RFC standards.
3. A pre-authenticated session is created on the node where the POST command was
executed, and the client can send a Cookie: isisessid header for access instead of
a basic HTTP authentication header.
If the credentials are not valid on the server, the server responds with an error message.
Send a request using a session cookie

After a session cookie is created, the isisessid value authenticates future requests.
Request:
Send the GET request to any Platform API resource with a Cookie: header and a set
isisessid value. No WWW-AUTHENTICATE header is needed.
Response:
If the server validates the credentials, the server grants access and processes the
request.
If the server does not validate the credentials, the server responds with an error message.
Get information about the current session

You can send a request to the server for information about the current session.
Request:
GET /session/1/session?isisessid
Response:
If the server validates the credentials, the JSON document used to create the session is
returned.
"username": <string>
"services": [<string>, ...]
"timeout_absolute": <int>,
"timeout_inactive": <int>
Log out of a session

You can manually delete a session cookie if you no longer need to stay authenticated to a
node. Session cookies are configured to expire automatically after a period of inactivity
16
(the default setting is 900 seconds) or after an absolute period of time (the default
setting is 14400 seconds).
Request:
DELETE /session/1/session?isisessid
Response:
If the server validates the credentials, the session value is no longer valid for future
requests.
Log out of a session
17
18
CHAPTER 3
These resources allow users to retrieve, create, modify, or delete authentication

providers, users, groups, and other configurations and settings.
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
u
Auth user security token resource..........................................................................20

Auth groups resource............................................................................................21
Auth groups members resource.............................................................................22
Auth users resource..............................................................................................23
Auth users member of resource.............................................................................24
Auth netgroups resource.......................................................................................25
Auth mapping users rules resource.......................................................................25
Auth mapping users lookup resource....................................................................26
Auth providers summary resource.........................................................................26
Auth ADS providers resource.................................................................................27
Auth ADS providers domains resource...................................................................29
Auth ADS providers controllers resource................................................................30
Auth ADS providers search resource......................................................................31
Auth file providers resource...................................................................................32
Auth LDAP providers resource...............................................................................34
Auth local providers resource................................................................................37
Auth NIS providers resource..................................................................................39
Auth roles resource...............................................................................................41
Auth roles members resource................................................................................42
Auth roles privileges resource...............................................................................42
Auth global settings resource................................................................................43
Auth shells resource..............................................................................................44
Auth wellknowns resource.....................................................................................45
Persona properties................................................................................................45
Privilege properties...............................................................................................45
Groups properties.................................................................................................46
Users properties....................................................................................................46
Domain properties................................................................................................48
Option properties..................................................................................................48
Roles properties....................................................................................................48
19
Auth user security token resource

This resource applies the standard system object pattern to the currently authenticated
security token.
Operation
-
Method and URI

-
Get the security token for the currently

authenticated user
GET /platform/1/auth/id
GET /platform/1/auth/id?describe
View the detailed JSON schema for the user

security token
Query parameters
Object properties
20
Property
Type
Description
additional_id
persona on page
45
Properties for an additional ID.
gid
persona on page
45
Properties for the currently authenticated

primary group ID for the user.
group_sid
persona on page
45

primary group security ID for the user.
ifs_restricted
Boolean
Indicates if this user has restricted access to

the /ifs file system.
local_address
string
Provides the IP address of the node that is

servicing the request.
on_disk_group_id persona on page

45
Properties for the group ID that is stored on

disk for the authenticated user.
on_disk_user_id
persona on page
45
Properties for the user ID that is stored on disk

for the authenticated user.
privilege
privilege on page
45
Properties for the privileges granted to the

authenticated user.
protocol
integer
The protocol that is responsible for the

creation of the token, such as NFS or FTP.
remote_address
string
The IP address of the client requesting the

information.
uid
persona on page
45
Properties for the currently authenticated user

ID.
user_sid
persona on page
45

security ID for the user.
zid
integer
Provides the zone ID that is serving the

request.
Property
Type
Description
zone_id
string
Provides the name of the zone that is serving

the request.
Auth groups resource

This resource applies the standard collection pattern to groups.
Operation
-
Get all groups
Method and URI

-
GET /platform/1/auth/groups
Flush the groups cache
DELETE /platform/1/auth/groups
Get a group
GET /platform/1/auth/groups/
<group-id>
Create a group
POST /platform/1/auth/groups
Modify a group
PUT /platform/1/auth/groups/
<group-id>
Delete a group
DELETE /platform/1/auth/groups/
<group-id>
View the detailed JSON schema for an

authentication group
GET /platform/1/auth/groups?
describe
Query parameters
cached
If true, only return cached objects.
domain
Filter groups by domain.
filter
Filter groups by name prefix.
provider
Filter groups by provider.
query_member_of
Enumerate all groups that a group is a member of.
resolve_names
Resolve names of a persona.
zone
Filter groups by zone.
limit
Return no more than this many results at one time (see resume).
resume
Continue returning results from the previous request (cannot be used with other
parameters).
Auth groups resource
21
Object properties
Property Type
Type
total
string
Provides the total number of groups to display.
resume
string
Provides the value for the resume argument used for

continuation requests.
groups
groups on page 46
Properties for groups.
Auth groups members resource

This resource applies the standard collection pattern to members of a group.
Operation
-
Method and URI

-
Get the members of a group
<group-id>/members
Add a member to a group
POST /platform/1/auth/groups/
<group-id>/members
Remove a member from a group
DELETE /platform/1/auth/groups/
<group-id>/members/<persona-id>
View the detailed JSON schema for the

members of an authentication group
<group-id>/members?describe
Query parameters
provider
Filter groups by the provider.
resolve_names
Resolve the name of a persona.
zone
Filter groups by zone.
limit
resume
parameters).
Object properties
22
Property
Type
Description
resume
string
Provides the value for the resume argument to be used

for continuation requests.
id
string
Provides the system ID given to the new member of the

group. In a POST request, this value is the ID that refers to
the item in the collection item resource path.
Property
Type
members persona on page

45
Description
Properties for users or groups that have this role.
Auth users resource

This resource applies the standard collection pattern to users.
Operation
-
Get all users
Method and URI

-
GET /platform/1/auth/users
Get one user
GET /platform/1/auth/users/<userid>
Modify a user
PUT /platform/1/auth/users/<userid>
Create a user
POST /platform/1/auth/users
Flush the users cache
DELETE /platform/1/auth/users
Delete a user
DELETE /platform/1/auth/users/
<user-id>
View the detailed JSON schema for

authentication users
GET /platform/1/auth/users?
describe
Query parameters
cached
If true, only return cached objects.
domain
Filter users by domain.
filter
Filter users by name prefix.
provider
Filter users by provider.
query_member_of
Enumerate all users that a group is a member of.
resolve_names
Resolve names of personas.
zone
Filter users by zone.
limit
resume
parameters).
Auth users resource
23
Object properties
Property Type
Description
total
integer
Provides the total number of users.
resume
string

users
users on page 46
Properties for authenticating users.
Auth users member of resource

This resource applies the standard collection pattern to groups that a user is a member
of.
Operation
-
Method and URI
Get the groups that a user is a member of
GET /platform/1/auth/users/<userid>/member_of
Add a group membership for a user
POST /platform/1/auth/users/
<user-id>/member_of
Remove a group membership from a user
DELETE /platform/1/auth/users/
<user-id>/member_of/<persona-id>

authentication users members_of
GET /platform/1/auth/users/<userid>/member_of?describe
Query parameters
provider
Filters groups by provider.
resolve_names
Resolves the names of personas.
zone
Filters groups by zone.
resume
Continues returning results from the previous call (cannot be used with other
options).
Object properties
Property
Type
Description
resume
string
Provides the value for the resume argument to be

used for continuation requests.
member_of persona on page

45
24
Properties for each group the user is a member of.
Auth netgroups resource

This resource applies the standard collection pattern to individual members of
netgroups.
Operation
-
Method and URI
Get the members of a netgroup
GET /platform/1/auth/netgroups/
<netgroup>
GET /platform/1/auth/netgroups/
<netgroup>?describe

authentication netgroups
Query parameters
provider
Filter users by provider.
recursive
Perform recursive searches.
ignore_errors
Ignore netgroup errors.
zone
Filter users by zone.
Object properties
Property
Type
Description
domainname
string
Provides the domain for which the netgroup is valid.
hostname
string
Provides the host that is valid for this netgroup.
netgroup
string
Provides the name of the netgroup.
username
string
Provides the user who is valid for this netgroup.
Auth mapping users rules resource

This resource returns the rules for user mapping.
Operation
-
Get the user mapping rules
Method and URI

-
GET /platform/1/auth/mapping/
users/rules
Replace all user mapping rules
PUT /platform/1/auth/mapping/
users/rules

authentication mapping users rules
users/rules?describe
Query parameters
zone
The zone that the rules apply to.
Auth netgroups resource
25
Object properties
Property
Type
Description
default_unix_user domain on page 48
Provides the properties for a default UNIX

user. Requires a token to have both a
primary UID and GID.
options
options on page 48
Properties for options.
user1
domain on page 48
Properties for the primary user.
user2
domain on page 48
Properties for the secondary user.
Auth mapping users lookup resource

This resource enables user look ups.
Operation
-
Method and URI
Lookup a user through the user mapper
users/lookup
users/lookup?describe

authentication mapping users lookup
Query parameters
user
The user to lookup.
zone
The name of the zone that is serving the request.
uid
The system generated user ID.
gid
The system generated group ID.
primary_gid
The primary group ID.
Object properties
Property
Type
Description
mapping
user on page 46
Properties for user look ups.
Auth providers summary resource

This resource returns summary information for authentication providers.
Operation
-
26
Get the authentication providers summary
Method and URI

-
GET /platform/1/auth/providers/
summary
Operation
-
Method and URI

authentication providers summary
summary?describe
Query parameters
Object properties
Property
Type
Description
id
string Provides the ID of the provider.
active_server string Provides the server that the provider serves authentication
requests with. Null if no server is set or is not applicable for that
provider.
forest
string Provides the Active Directory forest. Null if not applicable.
site
string Provides the Active Directory site name. Null if not applicable.
name
string Provides the name of the provider.
status
string Indicates the online and active state of the provider.
type
string Provides the type of the provider.
Auth ADS providers resource

This resource applies the standard collection pattern to individual Active Directory service
(ADS) providers.
Operation
-
Get one ADS provider
Method and URI

-
ads/<provider-id>
Get all ADS providers
ads
Join a domain
POST /platform/1/auth/providers/
ads
Modify an ADS provider
PUT /platform/1/auth/providers/
ads/<provider-id>
Leave a domain
DELETE /platform/1/auth/
providers/ads/<provider-id>
View the detailed JSON schema for ADS

providers
ads/<domain>?describe
Query parameters
scope
Auth ADS providers resource
27
If this parameter is specified as effective, or if it is not specified, all fields are shown.
If the parameter is specified as user, only fields with non-default values are shown. If
the parameter is specified as default, the default values are returned.
Object properties
28
Property
Type
allocate_gids
Boolean Allocates a GID for an unmapped ADS group.
allocate_uids
Boolean Enables allocation of a UID for an unmapped

ADS user.
assume_default_domain
Boolean Enables lookup of unqualified user names in

the primary domain.
authentication
Boolean Enables use of the provider for authentication

and identity.
check_online_interval
integer
Specifies the time between provider online

checks.
controller_time
integer
Provides the current time of the domain

controller.
create_home_directory
Boolean Creates a home directory on the first login.
domain_offline_alerts
Boolean Sends an alert when the domain goes offline.
forest
string
Provides the ADS forest.
home_directory_template
string
Specifies the home directory template path.
hostname
string
Provides the fully qualified hostname that is

stored in the machine account.
id
string
Specifies the ID of the provider instance.
ignore_all_trusts
Boolean Ignores all trusted domains.
ignored_trusted_domains
Boolean Includes trusted domains when

ignore_all_trusts is set to false.
include_trusted_domains
Boolean Includes trusted domains when

ignore_all_trusts is set to true.
ldap_sign_and_seal
Boolean Uses encryption and signing on LDAP requests.
login_shell
string
Sets the login shell path.
lookup_domains
string
Limits user and group lookup to the specified

domains.
lookup_groups
Boolean Looks up ADS groups in other providers before

allocating a GID.
lookup_normalize_groups
Boolean Normalizes ADS group names to lowercase

before lookup.
lookup_normalize_users
Boolean Normalizes ADS user names to lowercase

before lookup.
Description
Property
Type
Description
lookup_users
Boolean Looks up ADS users in other providers before

allocating a UID.
machine_account
string
Provides the SAM account name of the

machine account.
machine_password_lifespan integer
Sets the maximum age of a password.
name
string
Specifies the ADS provider name.
netbios_domain
string
Provides the NetBIOS domain name associated

with the machine account.
nss_enumeration
Boolean Enables the ADS provider to respond to

getpwent and getgrent requests.
primary_domain
string
Provides the primary domain name.
sfu_support
string
Specifies whether to support RFC 2307

attributes on ADS domain controllers.
site
string
Provides the ADS site.
status
string
Provides the status of the provider.
store_sfu_mappings
Boolean Stores the SFU mappings permanently in the ID

mapper.
system
Boolean Indicates that the provider instance was

created by OneFS and cannot be removed.
Auth ADS providers domains resource

This resource applies the standard collection pattern to Active Directory service (ADS)
domains.
Operation
-
Method and URI
Get all ADS provider's trusted domains
ads/<id>/domains
Get one ADS provider's trusted domain
ads/<id>/domains/<ads-domain>

authentication providers ADS domains
ads/<id>/domains?describe
Query parameters
Object properties
Property
Type
dc_address
string Provides the address for the domain controller.
Description
Auth ADS providers domains resource
29
Property
Type
Description
dc_name
string Provides the name for the domain controller.
dc_site
string Provides the site for the domain controller.
domain
string Provides the name of the domain.
guid
string Provides the group and user ID for the domain.
id
string Provides a unique identifier for every domain returned.
netbios_name string Provides the NetBIOS name for the domain.

sid
string Provides the security ID for the domain.
site
string Provides the site for the domain.
status
string Indicates whether the domain is online or offline.
trust_type
string Specifies the type of trust with the domain. Options consist of
primary, unknown, external, and forest.
Auth ADS providers controllers resource

This resource applies the standard collection pattern to Active Directory service (ADS)
controllers.
Operation
-
Method and URI
Get all domain controllers for a trusted

domain
GET /platform/1/auth/providers/ads/
<domain-id>/controllers
GET /platform/1/auth/providers/ads/
authentication providers ADS controllers <domain-id>/controllers?describe
Query parameters
Parameters
Object properties
30
Property
Type
Description
dc_address
string
Provides the address for the domain controller.
dc_name
string
Provides the name for the domain controller.
id
string
Provides the name for the domain controller.
Auth ADS providers search resource

This resource performs searches within Active Directory service (ADS) providers.
Operation
-
Method and URI
Get objects that are searchable in domains
ads/<object>/search
ads/<object>/search?describe

authentication providers ADS search
Query parameters
domain
The domain to search in.
user
The username for the domain, if untrusted.
password
The password for the domain, if untrusted.
filter
The filter to use when performing a search. The filter must be in the form of an LDAP
query.
description
An optional description to search for.
search_users
If true, search for users.
search_groups
If true, search for groups.
limit
resume
parameters).
Object properties
Property
Type
Type
resume
string

description
string
Provides the description returned from the Active

Directory server.
display_name string
Provides the display name returned from the

Active Directory server.
id
Properties for the persona.
persona on page
45
Auth ADS providers search resource
31
Auth file providers resource

This resource applies the standard collection pattern to authentication file providers.
Operation
-
Method and URI

-
Get one file provider
file/<provider-id>
Get all file providers
file
Create a file provider
file
Modify a file provider
file/<provider-id>
Delete a file provider
providers/file/<provider-id>

authentication providers file
file?describe
Query parameters
scope
If specified as effective, or unspecified, all fields are shown. If specified as user, only
fields with non-default values are shown. If specified as default, the default values
are returned.
Object properties
32
Property
Type
authentication
Boolean Enables authentication and identification through

the provider.
cache_entry_expiry
integer
enabled
Boolean Enables the file provider.
enumerate_groups
Boolean Enables providers to enumerate groups.
enumerate_users
Boolean Enables providers to enumerate users.
findable_groups
string
Sets a list of groups that can be resolved.
findable_users
string
Sets a list of users that can be resolved.
group_domain
string
Provides the domain used to qualify groups for this

provider.
group_file
string
Provides the location of the file that contains group

information.
Description
Specifies the amount of time to cache a user or

group.
Property
Type
Description
home_diretory_template string
id
string
Specifies the file provider ID.
listable_groups
string
Specifies groups that can be viewed in the provider.
listable_users
string
Specifies users that can be viewed in the provider.
login_shell
string
modifiable_groups
string
Specifies groups that can be modified in the

provider.
modifiable_users
string
Specifies users that can be modified in the

provider.
name
string
Specifies the name of the file provider.
netgroup_file
string
Provides the path to a netgroups replacement file.
normalize_groups
Boolean Normalizes the group name to lowercase before

lookup.
normalize_users
Boolean Normalizes the user name to lowercase before

lookup.
ntlm_support
string
Specifies the supported NTLM version for users

with NTLM-compatible credentials.
password_file
string
Provides the location of the file that contains user

information.
provider_domain
string
Specifies the domain for the provider.
restrict_findable
Boolean Checks the provider for filtered lists of findable and

unfindable users and groups.
restrict_listable
Boolean Checks the provider for filtered lists of listable and

unlistable users and groups.
restrict_modifiable
Boolean Checks the provider for filtered lists of modifiable

and unmodifiable users and groups.
status
string
system
Boolean Indicates that the provider instance was created by

OneFS and cannot be removed.
unfindable_groups
string
Specifies a group that cannot be resolved by the

provider.
unfindable_users
string
Specifies a user that cannot be resolved by the

provider.
unlistable_groups
string
Specifies a group that cannot be listed by the

provider.
unlistable_users
string
Specifies a user who cannot be listed by the

provider.
Auth file providers resource
33
Property
Type
Description
unmodifiable_groups
string
Specifies a group that cannot be modified by the

provider.
unmodifiable_users
string
Specifies a user who cannot be modified by the

provider.
user_domain
string
Provides the domain used to qualify users for this

provider.
Auth LDAP providers resource

This resource applies the standard collection pattern to individual Lightweight Directory
Access Protocol (LDAP) authentication providers.
Operation
-
Method and URI

-
Get one LDAP provider
ldap/<provider-id>
Get all LDAP providers
ldap
Create an LDAP provider
ldap
Modify an LDAP provider
ldap/<provider-id>
Delete an LDAP provider
providers/ldap/<provider-id>
View the detailed JSON schema for LDAP

authentication providers
ldap/<provider-id>?describe
Query parameters
scope
If specified as effective, or unspecified, all fields are shown. If specified as user, only
fields with non-default values are shown. If specified as default, the default values
are returned.
Object properties
34
Property
Type
authentication
Boolean Enables authentication and identification

through the provider.
balance_servers
Boolean Connects the provider to a random server.
base_dn
string
Sets the root of the tree in which to

search for identities.
bind_dn
string
Sets a distinguished name that is used

when binding to LDAP servers.
Description
Property
Type
Description
bind_mechanism
string
Provides the bind mechanism to use

when connecting to an LDAP server. The
only supported value is simple.
bind_password
string
Sets a password for a distinguished name

that is used when binding to LDAP
servers.
bind_timeout
integer
Sets a timeout in seconds when binding

LDAP servers.
cache_entry_expiry
integer
Specify the amount of time to cache a

user or group
certificate_authority_file
string
Set the path to the root certificates file.
integer
Specifies the time between the provider

online checks.
cn_attribute
string
Specifies the canonical name.
Boolean Creates a home directory on the first

login.
crypt_password_attribute
string
Sets a hashed password value.
email_attribute
string
Sets the LDAP email attribute.
enabled
Boolean Enables the LDAP provider.
enumerate_groups
Boolean Enables the LDAP provider to enumerate

groups.
enumerate_users
Boolean Enables the LDAP provider to enumerate

users.
findable_groups
string
findable_users
string
gecos_attribute
string
Sets the LDAP GECOS attribute.
gid_attribute
string
Sets the LDAP GID attribute.
group_base_dn
string
Sets a distinguished name for the entry

where LDAP searches for groups begins.
group_domain
string
Provides the domain used to qualify

groups for this provider.
group_filter
string
Sets the LDAP filter for group objects.
group_members_attribute
string
Sets the LDAP Group Members attribute.
group_search_scope
string
Defines the depth from the base DN to

perform LDAP searches.
home_directory_template
string
Specifies the home directory template

path.
Auth LDAP providers resource
35
36
Property
Type
Description
homedir_attribute
string
Sets the LDAP Homedir attribute.
id
string
Specifies the ID of the LDAP provider.
ignore_tls_errors
string
Continues over secure connections, even

if the identity check fails.
listable_groups
string
Specifies groups that can be viewed in

the provider.
listable_users
string
Specifies users that can be viewed in the

provider.
login_shell
string
name
string
Specifies the name of the LDAP provider.
name_attribute
string
Sets the LDAP UID attribute, which is used

as the login name.
netgroup_base_dn
string

where LDAP searches for netgroups
begins.
netgroup_filter
string
Sets the LDAP filter for netgroup objects.
netgroup_members_attribute
string
Sets the LDAP Netgroup Members

attribute.
netgroup_search_scope
string

netgroup_triple_attribute
string
Sets the LDAP Netgroup Triple attribute.
normalize_groups
Boolean Normalizes group names to lowercase

before lookup.
normalize_users
Boolean Normalizes user names to lowercase

before lookup.
nt_password_attribute
string
Setsthe LDAP NT Password attribute.
ntlm_support
string
Specifies the supported NTLM version for

users with NTLM-compatible credentials.
provider_domain
string
Specifies the provider domain.
require_secure_connection
Boolean Specifies whether to continue over a nonTLS connection.
restrict_findable
Boolean Checks the provider for filtered lists of

findable and unfindable users and
groups.
restrict_listable
Boolean Checks the provider for filtered lists of

listable and unlistable users and groups.
search_scope
string
Defines the default depth from the base

DN to perform LDAP searches.
Property
Type
Description
search_timeout
integer
Sets the search timeout period.
server_uris
string
Sets the server URIs.
shell_attribute
string
Sets the LDAP shell attribute.
status
string
system
Boolean Indicates that the provider instance was

created by OneFS and cannot be
removed.
uid_attribute
string
Sets the LDAP UID Number attribute.
unfindable_groups
string
Specifies groups that cannot be resolved

by the provider.
unfindable_users
string
Specifies users who cannot be resolved

by the provider.
unique_group_members_attribute string
Sets the LDAP Unique Group Members

attribute.
unlistable_groups
string
Specifies a group that cannot be listed by

the provider.
unlistable_users
string
Specifies a user who cannot be listed by

the provider.
user_base_dn
string

where LDAP searches for users begins.
user_domain
string
Provides the domain used to qualify users

for this provider.
user_filter
string
Sets the LDAP filter for user objects.
user_search_scope
string

Auth local providers resource

This resource applies the standard collection pattern to local authentication providers.
Operation
-
Get one local provider
Method and URI

-
local/<file-id>
Get all local providers
local
Create a local provider
local
Modify a local provider
local/<file-id>
Auth local providers resource
37
Operation
-
Method and URI

-
Delete a local provider

View the detailed JSON schema for local
authentication providers local
providers/local/<file-id>
local?describe
Query parameters
scope
If this parameter is specified as effective, or if it is not specified, all export fields are
shown. If this parameter is specified as user, only fields with non-default values are
shown. If this parameter is specified as default, the original values are returned.
Object properties
38
Property
Type
Description
authentication

the provider.
home_directory_template string
id
string
Specifies the ID for the local provider.
lockout_duration
integer
Sets the length of time in seconds that an account

is inaccessible after multiple failed login attempts.
lockout_threshold
integer
Sets the number of failed login attempts

necessary for an account to be locked out.
lockout_window
integer
Sets the time in seconds in which

lockout_threshold failed attempts must be made
for an account to be locked out.
login_shell
string
machine_name
string
Specifies the Active Directory account name for

the machine.
max_password_age
integer
Sets the maximum password age in seconds.
min_password_age
integer
Sets the minimum password age in seconds.
min_password_length
integer
Sets the minimum password length.
name
string
Specifies the name of the local provider.
password_prompt_time
integer
Specifies time in seconds remaining before being

prompted to change the password.
status
string
system
Boolean Indicates that the provider instance was created

by OneFS and cannot be removed.
Auth NIS providers resource

This resource applies the standard collection pattern to Network Information Service (NIS)
authentication providers.
Operation
-
Method and URI

-
Get one NIS provider
nis/<nis-name>
Get all NIS providers
nis
Create an NIS provider
nis
Modify an NIS provider
nis/<nis-name>
Delete an NIS provider
providers/nis/<nis-name>
View the detailed JSON schema for NIS

authentication providers
nis?describe
Query parameters
scope
Object properties
Property
Type
authentication

the provider.
balance_servers
Boolean Enables the provider to connect to a random

server.
cache_entry_expiry
integer
Specifies the amount of time in seconds to cache

a user or group.
integer
Specifies the amount of time in seconds between

provider online checks.
integer
Creates a home directory on first login.
enabled
Boolean Enables the NIS provider.
enumerate_groups
Boolean Enables the provider to enumerate groups.
enumerate_users
Boolean Enables the provider to enumerate users.
findable_groups
string
Description
Auth NIS providers resource
39
Property
Type
Description
findable_users
string
group_domain
string
Provides the domain used to qualify groups for

this provider.
home_directory_template string
40
hostname_lookup
Boolean Enables host name lookups.
id
string
Specifies the NIS provider ID.
listable_groups
string
Specifies groups that can be viewed in the

provider.
listable_users
string
Specifies users that can be viewed in the provider.
login_shell
string
name
string
Specifies the NIS provider name.
nis_domain
string
Specifies the NIS domain name.
normalize_groups
Boolean Normalizes the group name to lowercase before

lookup.
normalize_users
Boolean Normalizes the user name to lowercase before

lookup.
ntlm_support
string
Specifies the NTLM version for users with NTLMcompatible credentials.
provider_domain
string
Specifies the provider domain.
request_timeout
integer
Specifies the request timeout interval in seconds.
restrict_findable
Boolean Checks the provider for filtered lists of findable

and unfindable users.
restrict_listable
Boolean Checks the provider for filtered lists of listable and

unlistable users.
retry_time
integer
Sets timeout period in seconds after which a

request is retried.
servers
string
Provides a list of NIS servers to be used by this

provider.
integer
Specifies the amount of time in seconds between

provider online checks.
status
string
system
string
Indicates that the provider instance was created

by OneFS and cannot be removed.
unfindable_groups
string
Specifies a group that cannot be resolved by the

provider.
unfindable_users
string

provider.
Property
Type
Description
unlistable_groups
string
Specifies a group that cannot be listed by the

provider.
unlistable_users
string

provider.
user_domain
string
Provides the domain used to qualify users for this

provider.
ypmatch_using_tcp
Boolean Uses TCP for YP match operations.
Auth roles resource

This resource applies the standard collection pattern to roles.
Operation
-
Method and URI

-
Get one role
GET /platform/1/auth/roles/<roleid>
Get all roles
GET /platform/1/auth/roles
Create a role
POST /platform/1/auth/roles
Modify a role
PUT /platform/1/auth/roles/<roleid>
Delete a role
DELETE /platform/1/auth/roles/
<role-id>

authentication roles
GET /platform/1/auth/roles?
describe
Query parameters
resolve_names
Filters users by zone.
resume
Continue returning results from the previous call (cannot be used with other options).
Object properties
Property Type
Description
resume
string

roles
roles on page 48
Properties for roles.
Auth roles resource
41
Auth roles members resource

This resource applies the standard collection pattern to members of roles.
Operation
-
Method and URI
Get the members of a role
GET /platform/1/auth/roles/
<member-id>/members
Add a member to a role
POST /platform/1/auth/roles/
<member-id>/members
Remove a member from a role
<member-id>/members/<persona-id>

authentication roles members
GET /platform/1/auth/roles/
<member-id>/members?describe
Query parameters
resolve_names
Resolves the names of personas.
Object properties
Property
Type
members persona on page 45
Description
Auth roles privileges resource

This resource applies the standard collection pattern to the privileges that belong to a
role.
Operation
-
Get the privileges of a role
Method and URI

-
GET /platform/1/auth/roles/<id>/
privileges
Add a privilege to a role
POST /platform/1/auth/roles/<id>/
privileges
Remove a privilege from a role
<id>/privileges/<privilege-id>

authentication roles privileges
GET /platform/1/auth/roles/<id>/
privileges?describe
Query parameters
resume
Continue returning results from the previous call (cannot be used with other options).
42
Object properties
Property
Type
Description
resume
string

privileges privilege on page 45
Properties for the privileges granted by this role.
Auth global settings resource

This resource contains global authentication settings.
Operation
-
Method and URI

-
Get global settings
GET /platform/1/auth/settings/
global
Modify global settings
PUT /platform/1/auth/settings/
global
View the detailed JSON schema for global

settings for authentication
GET /platform/1/auth/settings/
global?describe
Query parameters
scope
Object properties
Property
Type
Description
alloc_retries
integer
Sets the number of times to retry an ID allocation

before failing.
cache_cred_lifetime
integer
Sets the length of time in seconds to cache credential

responses from the ID mapper.
cache_id_lifetime
integer
Sets the length of time in seconds to cache ID

responses from the ID mapper.
gid_range_enabled
Boolean Enables the use of a fixed range for allocating a GID.
gid_range_max
integer
Specifies the ending number for allocating a GID.
gid_range_min
integer
Specifies the starting number for allocating a GID.
gid_range_next
integer
Specifies the next GID to be allocated.
group_uid
integer
Provides the UID to use when the kernel must retrieve

a UID for a group.
load_providers
array
Controls which providers are loaded by the

authentication daemon (lsassd).
Auth global settings resource
43
Property
Type
Description
min_mapped_rid
integer
Starts RID in the local domain to map a UID and a GID.
null_gid
integer
Provides the alternative GID to use when the kernel is

unable to retrieve a GID for a persona.
null_uid
integer
Provides the alternative UID to use when the kernel is

unable to retrieve a UID for a persona.
on_disk_identity
string
Specifies the type of identity that is stored on disk.
rpc_block_time
integer
Provides the minimum amount of time in milliseconds

to wait before performing an oprestart.
rpc_max_requests
integer
Provides the maximum number of outstanding RPC

requests.
rpc_timeout
integer
Provides the maximum amount of time in seconds to

wait for an idmap response.
send_ntlmv2
Boolean Specifies whether to send NTLMv2 responses.
space_replacement
string
Sets space replacement character.
system_gid_threshold integer
Provides the minimum GID to attempt to lookup in the

idmap database.
system_uid_threshold integer
Provides the minimum UID to attempt to lookup in the

idmap database.
uid_range_enabled
Boolean Enables a fixed range for allocating UIDs.
uid_range_max
integer
Specifies the ending number for allocating a UID.
uid_range_min
integer
Specifies the starting number for allocating a UID.
uid_range_next
integer
Specifies the next UID to allocate.
unknown_gid
integer
Specifies the GID to use for an unknown or

anonymous group.
unknown_uid
integer
Specifies the UID to use for an unknown or

anonymous user.
workgroup
string
Sets the NetBIOS workgroup or domain.
Auth shells resource

This resource returns the list of supported shells.
Operation
-
Get a list of the possible values for user shells

authentication shells
Query parameters
44
Method and URI

-
GET /platform/1/auth/shells
GET /platform/1/auth/shells?
describe
Object properties
Property
Type
Description
shells
string
Provides a list of supported shells.
Auth wellknowns resource

This resource applies the standard collection pattern to wellknown personas.
Operation
-
Method and URI

-
Get wellknown SIDs
GET /platform/1/auth/wellknowns
GET /platform/1/auth/wellknowns?
describe

authentication wellknown SIDs
Query parameters
Object properties
Property
Type
Type
persona
persona on page 45
Persona properties
Object properties for personas.
Property Type
Description
id
string Provides the serialized form of the persona (such as 'UID:0',

'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').
name
string Provides the persona name, which must be combined with a type.
type
string Provides the type of persona, which must be combined with a name.
Privilege properties
Object properties for privileges.
Property
Type
Description
id
string
Provides the ID of the privilege.
name
string
Provides the name of the privilege.
read-only
Boolean
True if the privilege is read-only.
Auth wellknowns resource
45
Groups properties
Object properties for groups.
Property
Type
Description
dn
string
Provides the distinguished name for the user.
dns_domain
string
Provides the DNS domain for the object.
domain
string
Provides the domain of the group.
generated_gid
boolean
Indicates if the GID was generated.
gid
persona on page
45
id
string
Provides the system ID given to the user or

group. In a POST request, this value refers to
member_of
persona on page
45
Properties for groups that this user or group

are members of.
name
string
Provides a user or group name.
provider
string
Specifies an authentication provider.
sam_account_name string
sid
persona on page
45
Properties for the security identifier.
type
string
Indicates the object type.
Users properties
Object properties for users.
46
Property
Type
Description
dn
string
Provides the distinguished name for

the user.
dns_domain
string
Provides the DNS domain of the object.
domain
string
Provides the domain of the group.
email
string
Specifies an email address.
enabled
Boolean
True if the user is enabled.
expired
Boolean
True if the password for the user has

expired.
expiry
integer
Provides the alternative name to create

for each snapshot.
gecos
string
Sets the GECOS value, which is usually

the full name.
Property
Type
Description
generated_gid
Boolean
Indicates if the GID was generated.
generated_uid
Boolean
Indicates if the UID was generated.
gid
persona on
page 45
home_directory
string
Specifies the home directory for the

user.
id
string
Provides the system ID given to the

user or group. In a POST request, this
value is the ID that refers to the item in
the collection item resource path.
locked
Boolean
Specifies if the account is locked.
max_password_age
integer
Provides the maximum age in seconds

allowed for the password before the
password expires.
member_of
persona on
page 45
Properties for groups that this user or

group are members of.
name
string
password_expired
Boolean
Specifies whether the password has

expired.
password_expires
Boolean
Specifies whether the password is

allowed to expire.
password_last_set
integer
Specifies the last time the password

was set.
primary_group_sid
persona on
page 45
Properties for the security ID of the

primary group for the user.
prompt_password_change
Boolean
Prompts a password change for the

user at the next log in.
provider
string
Specifies an authentication provider.
sam_account_name
string
shell
string
Sets the path to the shell for the user.
sid
persona on
page 45
Properties for the security identifier.
type
string
Indicates the object type.
uid
persona on
page 45
Properties for the user ID.
upn
string
Provides the principal name for the

user.
Users properties
47
Property
Type
Description
user_can_change_password Boolean
Specifies whether the password for the

user can be changed.
Domain properties
Object properties for domains.
Property
Type
Description
domain
integer
Provides the domain name.
user
string
Provides the user name for the domain.
Option properties
Object properties for options.
Create rules for specified users. For example, &= for join a group, ++ for append a group,
-- for remove a group.
Property
Type
Description
break
Boolean
Stops processing further rules and immediately

creates a final token if a rule is applied successfully.
default_user domain on page

48
Substitutes this user if the second user in a rule is

not found.
group
Boolean
Specifies that the primary GID and primary group SID

are copied to the existing credential.
groups
domain on page
48
Specifies that all additional identifies are copied to

the existing credential.
user
domain on page
48
Maps users in the format of domain\user(n), where n

is the user number. For example, user1.
Roles properties
Object properties for roles.
48
Property
Type
Description
id
string
Provides the ID of the role.
name
string
Provides the name of the role.
members
persona on page 45
privileges
privilege on page 45
Properties for the privileges granted by this role.
CHAPTER 4
NFS resources
These resources allow users to retrieve, create, modify, or delete NFS export
configurations and settings.
u
u
u
u
u
u
u
u
u
u
u
u
u
u
NFS exports summary resource..............................................................................50

NFS export resource..............................................................................................50
NFS NLM locks resource........................................................................................51
NFS NLM lock waiters resource..............................................................................52
NFS NLM sessions resource...................................................................................53
NFS default export settings resource.....................................................................53
NFS global settings resource.................................................................................56
NFS exports configuration check resource.............................................................57
NFS reload resource..............................................................................................57
NFS export properties............................................................................................58
NLM locks properties.............................................................................................61
NLM waiter properties...........................................................................................61
NLM session properties.........................................................................................62
NFS map properties...............................................................................................62
NFS resources
49
NFS resources
NFS exports summary resource

This resource returns summary information for NFS exports.
Operations
-
Method and URI

-
Get the NFS exports summary
GET /platform/1/protocols/nfs/exportssummary
GET /platform/1/protocols/nfs/exportssummary?describe

NFS exports summary
Query parameters
Object properties
Property
Type
Description
count
integer
Provides the total number of exports in the system.
NFS export resource

This resource applies the standard collection pattern to NFS exports.
Operation
-
Get one NFS export
Method and URI

-
GET /platform/1/protocols/nfs/exports/
<export-id>
Get a list of NFS exports
GET /platform/1/protocols/nfs/exports
Create an NFS export
POST /platform/1/protocols/nfs/exports
Modify an NFS export
PUT /platform/1/protocols/nfs/exports
Delete an NFS export
DELETE /platform/1/protocols/nfs/
exports/<export-id>

NFS exports
GET /platform/1/protocols/nfs/exports?
describe
View the detailed JSON schema for a

single NFS exports object
GET /platform/1/protocols/nfs/exports/
<export-id>?describe
Query parameters
sort
Order results by this field. The default sort value is id.
dir
The sort order direction are ascending (ASC) or descending (DESC). The default
setting is ascending.
check
Check for conflicts when listing exports.
scope
50
NFS resources
If this parameter is specified as effective, or if it is unspecified, all export fields are

shown.
force
Override client and username conflicts or errors when creating or modifying an
export.
limit
resume
Continue returning results from previous requests (cannot be used with other
parameters).
Object properties
Property Type
Description
total
integer
Provides the total number of exports configured.
resume
string

exports
exports on page 58
Properties for a single export.
NFS NLM locks resource

This resource applies the standard collection pattern to NFS Network Lock Manager (NLM)
advisory locks.
Operation
-
Get a list of NFS advisory locks

NLM locks on NFS
Method and URI

-
GET /platform/1/protocols/nfs/nlm/locks
GET /platform/1/protocols/nfs/nlm/locks?
describe
Query parameters
sort
Order results by this field.
dir
Direction for the sort order is ascending (ASC) or descending (DESC). The default
limit
resume
Continue returning results from previous request (cannot be used with other
parameters).
NFS NLM locks resource
51
NFS resources
Object properties
Property Type
Description
total
integer
Provides the total number of locks available.
resume
string

locks
locks on page 61
Properties for NLM locks.
NFS NLM lock waiters resource

lock waiters.
Operation
-
Method and URI
Get a list of NLM lock waiters on NFS

NLM lock waiters on NFS
GET /platform/1/protocols/nfs/nlm/
waiters
waiters?describe
Query parameters
sort
dir
Direction for the sort order are ascending (ASC) or descending (DESC). The default
limit
resume
parameters).
Object properties
52
Property Type
Description
total
integer
Provides the total number of lock waiters available.
resume
string

waiters
waiters on page 61
Properties for NFS NLM lock waiters.
NFS resources
NFS NLM sessions resource

sessions.
Operation
-
Method and URI
Get a list of NFS NLM sessions
GET /platform/1/protocols/nfs/nlm/sessions
Delete an NFS NLM session
DELETE /platform/1/protocols/nfs/nlm/
sessions/<session-id>

NFS NLM sessions
sessions?describe

an NFS NLM session
sessions/<session-id>?describe
Query parameters
sort
dir
Direction for the sort order are ascending (ASC) or descending (DESC). The default
limit
resume
parameters).
Object properties
Property Type
Description
total
integer
Provides the total number of sessions to display.
resume
string

sessions sessions on page 62
Properties for a single share.
NFS default export settings resource

This resource applies the standard system object pattern to default NFS export settings.
These settings are applied to all new exports, unless otherwise specified.
Operation
-
Get default NFS export settings

Modify default NFS export settings
Method and URI

-
GET /platform/1/protocols/nfs/settings/
export
PUT /platform/1/protocols/nfs/settings/
export
NFS NLM sessions resource
53
NFS resources
Operation
-
Method and URI

default NFS export settings
export?describe
Query parameters
scope
When specified as effective, or not specified, all fields are returned. When specified
as user, only fields with non-default values are shown. When specified as default, the
original values are returned.
Object properties
54
Property
Type
Description
all_dirs
Boolean
True if all directories under the specified paths

are mountable.
block_size
integer
Provides the block size returned by the NFS

statfs call. This value is used to advise the client
of optimal settings for the server, but is not
enforced.
can_set_time
Boolean
True if the client may set file times using the NFS
set attribute request. When set to false, the
server ignores the setting and behaves as if the
value is set to true. This value is used to advise
the client of optimal settings for the server, but is
not enforced.
commit_asynchronous
Boolean
True if NFS commit requests execute

asynchronously.
directory_transfer_size
integer
Provides the preferred size for directory read

operations. This value is used to advise the
client of optimal settings for the server, but is not
enforced.
encoding
string
Provides the default character set encoding of

the clients connecting to the export, unless
otherwise specified.
map_lookup_uid
Boolean
True if incoming UIDs are mapped to users in the

OneFS user database. When set to false,
incoming UIDs are applied directly to file
operations.
map_retry
Boolean
Determines whether searches for the users

specified in map_all or map_root are retried if
the search fails.
map_all
map on
page 62
Provides the users and groups that are mapped

to non-root clients.
NFS resources
Property
Type
Description
map_full
Boolean
True if user mappings query the OneFS user

database. When set to false, user mappings
query only local authentication.
map_root
map on
page 62

to root clients.
max_file_size
integer
Provides the maximum file size for any file

accessed from the export.
read_only
Boolean
True if the export is read-only.
readdirplus
Boolean
True if readdirplus requests are enabled.

Enabling this property may improve network
performance and is available only for NFSv3.
readdirplus_prefetch
integer
Sets the number of directory entries that are

prefetched when a readdirplus request is
processed.
return_32bit_file_ids
Boolean
Limits the size of file identifiers returned by

NFSv3+ to 32-bit values.
read_transfer_max_size integer
Provides the maximum buffer size that clients

should use on NFS read requests. This value is
used to advise the client of optimal settings for
the server, but is not enforced.
read_transfer_multiple
integer
Provides the preferred multiple size for NFS read

requests. This value is used to advise the client
enforced.
read_transfer_size
integer
Provides the preferred size for NFS read

enforced.
security_flavors
array
Provides the authentication types that are

supported for this export.
setattr_asynchronous
Boolean
True if set attribute operations execute

asynchronously.
symlinks
Boolean
True if symlinks are supported. This value is

time_delta
integer
Provides the resolution of all time values that are

returned to the client.
write_datasync_action
string
Provides the action to be taken when an NFSv3+

datasync write is requested.
write_datasync_reply
string
Provides the stability disposition returned when

an NFSv3+ datasync write is processed.
NFS default export settings resource
55
NFS resources
Property
Type
Description
write_filesync_action
string

filesync write is requested.
write_filesync_reply
string

an NFSv3+ filesync is processed.
write_unstable_action
string
Provides the action taken when an NFSx3+

unstable write is processed.
write_unstable_reply
string

an NFSv3+ unstable write is requested.
write_transfer_max_size integer

are recommended to use on NFS write requests.
This value is used to advise the client of optimal
settings for the server, but is not enforced.
write_transfer_multiple
integer
Provides the preferred multiple size for NFS write

enforced.
write_transfer_size
integer
Provides the preferred size for NFS write

enforced.
NFS global settings resource

This resource applies the standard system object pattern to global NFS settings.
Operation
-
Method and URI
Get default NFS export settings
global
Modify default NFS export

settings
PUT /platform/1/protocols/nfs/settings/
global
View the detailed JSON schema

for global NFS exports
global?describe
Query parameters
scope
When specified as effective, or not specified, all fields are returned. When specified
as user, only fields with non-default values are shown. When specified as default, the
original values are returned.
Object properties
56
Property
Type
service
Boolean Enables the NFS service. When set to false, disables the NFS
service.
Description
NFS resources
Property
Type
Description
nfsv2_enabled
Boolean Enables NFSv2. When set to false, disables NFSv2.
nfsv3_enabled
nfsv4_enabled
nfsv4_domain
string
Provides the domain used to associate users and groups.
lock_protection integer
Provides the number of nodes that can fail in the cluster

without losing lock functionality.
rpc_minthreads integer
Provides the minimum number of threads in the nfsd thread

pool.
rpc_maxthreads integer
Provides the maximum number of threads in the nfsd thread

pool.
NFS exports configuration check resource

This resource returns information on the status and validity of current NFS exports. Each
export with an error is reported along with the first error encountered during the check.
Operation
-
Method and URI
Check NFS exports for configuration errors

View the detailed JSON schema for NFS
exports configuration check
GET /platform/1/protocols/nfs/check
GET /platform/1/protocols/nfs/check?
describe
Query parameters
Object properties
Property Type
id
Description
string Provides the system ID given to the export. In a POST request, this
value is the ID that refers to the item in the collection item resource
path.
message string Provides a description of the conflict or error encountered.
NFS reload resource

This resource is used to reload cached export information. The netgroup cache is updated
against the remote provider and hosts are updated against the DNS if the time to live
(TTL) has expired. Netgroups are automatically refreshed on an interval specified by the
netgroup expiration option. DNS hosts are intermittently refreshed. Local export
information, such as options specified with exports create or exports modify, is updated
immediately following the action.
NFS exports configuration check resource
57
NFS resources
Operation
-
Method and URI

-
Reload NFS exports
POST /platform/1/protocols/nfs/
reload
GET /platform/1/protocols/nfs/
reload?describe
View the detailed JSON schema for NFS

export reload
Query parameters
Object properties
There are no properties for this resource.
NFS export properties

Object properties for NFS exports.
58
Property
Type
Description
id
integer
Provides the system ID given to the export. In a

POST request, this value is the ID that refers to
description
string
Provides the user defined string that is used to

identify the export.
paths
string
Provides the paths under /ifs that are exported.
force
string
True if the export is created, even when in

conflict with another export, path, client, or user.
clients
string
Provides the clients with access to the export.
root_clients
array
Provides the clients with root access to the

export.
read_only_clients
array
Provides the clients with read-only access to the

export.
read_write_clients
array
Provides the clients with both read and write

access to the export, even when the export is set
to read-only.
unresolved_clients
array
Provides the clients that cannot be resolved by

hostname to an IP address.
conflicting_paths
string
Provides the paths that conflict with another

export.
all_dirs
Boolean
True if all directories under the specified paths

are mountable.
block_size
integer
Provides the block size returned by the NFS

statfs procedure. This value is used to advise the
client of optimal settings for the server, but is
not enforced.
NFS resources
Property
Type
Description
can_set_time
Boolean
True if the client may set file times using the NFS
set attribute request. When set to false, the
server ignores the setting and behaves as if the
value is set to true. This value is used to advise
the client of optimal settings for the server, but
is not enforced.
commit_asynchronous
Boolean
True if NFS commit requests execute

asynchronously.
directory_transfer_size
integer
Provides the preferred size for directory read

operations. This value is used to advise the
client of optimal settings for the server, but is
not enforced.
encoding
string
Provides the default character set encoding of

the clients connecting to the export, unless
otherwise specified.
map_lookup_uid
Boolean
True if incoming UIDs are mapped to users in the

OneFS user database. When set to false,
incoming UIDs are applied directly to file
operations.
map_retry
Boolean
Determines whether searches for the users

specified in map_all or map_root are retried if
the search fails.
map_all
map on
page 62

to non-root clients.
map_full
Boolean
True if user mappings query the OneFS user

database. When set to false, user mappings only
query local authentication.
map_root
map on
page 62

to root clients.
max_file_size
integer
Provides the maximum file size for any file

accessed from the export.
read_only
Boolean
True if the export is read-only.
readdirplus
Boolean
True if readdirplus requests are enabled.

Enabling this property may improve network
performance and is only available for NFSv3.
readdirplus_prefetch
integer
Sets the number of directory entries that are

prefetched when a readdirplus request is
processed.
return_32bit_file_ids
Boolean
Limits the size of file identifiers returned by

NFSv3+ to 32-bit values.
read_transfer_max_size integer

should use on NFS read requests. This value is
NFS export properties
59
NFS resources
Property
Type
Description
60
read_transfer_multiple
integer
Provides the preferred multiple size for NFS read

enforced.
read_transfer_size
integer
Provides the preferred size for NFS read

enforced.
security_flavors
array
Provides the authentication flavors, or types,

that are supported for this export.
setattr_asynchronous
Boolean
True if set attribute operations execute

asynchronously.
symlinks
Boolean
True if symlinks are supported. This value is

time_delta
integer
Provides the resolution of all time values that are

returned to the client.
write_datasync_action
string

datasync write is requested.
write_datasync_reply
string

an NFSv3+ datasync write is processed.
write_filesync_action
string

filesync write is requested.
write_filesync_reply
string

an NFSv3+ filesync is processed.
write_unstable_action
string
Provides the action taken when an NFSx3+

unstable write is processed.
write_unstable_reply
string

an NFSv3+ unstable write is requested.
write_transfer_max_size integer

should use on NFS write requests. This value is
write_transfer_multiple
integer
Provides the preferred multiple size for NFS write

enforced.
write_transfer_size
integer
Provides the preferred size for NFS write

NFS resources
Property
Type
Description
enforced.
NLM locks properties

Object properties for NLM locks.
Property
Type
Description
id
string
Provides the system ID given to the lock. In a POST request, this

path.
client
string
Provides the client host name and IP address.
client_id
string
Provides the client ID.
lock_type string
Provides the type of lock.
range
integer Provides the byte range within the locked file.
path
string
created
integer Provides the UNIX Epoch time the lock was created.
lin
string
Provides the path under /ifs that is locked.
Provides the LIN in /ifs that is locked.
NLM waiter properties

Object properties for NLM waiters.
Property
Type
Description
id
string

path.
client
string
client_id
string
lock_type string
range
path
string
created
lin
string
NLM locks properties
61
NFS resources
NLM session properties

Object properties for NLM waiters.
Property
Type
Description
id
string

path.
client
string
client_id
string
lock_type string
range
path
string
created
lin
string
NFS map properties

Object properties for map all and map root.
Property Type
62
Description
groups
string Provides the name of the group that non-root clients are mapped to.
user
string Provides the name of the user that non-root clients are mapped to.
CHAPTER 5
SMB resources
These resources allow users to retrieve, create, modify, or delete SMB share
u
u
u
u
u
u
u
u
u
u
u
u
SMB shares summary resource.............................................................................64

SMB shares resource.............................................................................................64
SMB open files resource........................................................................................65
SMB sessions resource.........................................................................................66
SMB share settings resource.................................................................................67
SMB global settings resource................................................................................69
Share properties...................................................................................................70
Run as root properties...........................................................................................72
Permissions properties..........................................................................................73
Trustee properties.................................................................................................73
Open files properties.............................................................................................73
Sessions properties..............................................................................................73
SMB resources
63
SMB resources
SMB shares summary resource

This resource returns summary information for SMB shares.
Operation
-
Method and URI

-
Get the SMB shares summary

SMB shares summary
GET /platform/1/protocols/smb/sharessummary
GET /platform/1/protocols/smb/sharessummary?describe
Query parameters
There are no query parameters for this resource.
Object properties
Property
Type
Description
count
integer
Provides the total number of shares in the system.
SMB shares resource

This resource applies the standard collection pattern to SMB shares.
Operation
-
Get a single SMB share
Method and URI

-
GET /platform/1/protocols/smb/shares/
<share-name>
Get a list of SMB shares
GET /platform/1/protocols/smb/shares
Create an SMB share
POST /platform/1/protocols/smb/shares
Modify an SMB share
PUT /platform/1/protocols/smb/shares/
<share-name>
Delete an SMB share
DELETE /platform/1/protocols/smb/shares/
<share-name>

SMB shares
GET /platform/1/protocols/smb/shares?
describe

an SMB share object
GET /platform/1/protocols/smb/shares/
<share-name>?describe
Query parameters
sort
Order results by this field. The default value is id.
dir
Directions for the sort order are ascending (ASC) or descending (DESC). The default
zone
An optionally named zone to use for user and group resolution.
64
SMB resources
scope
If this parameter is specified as effective, or if it is unspecified, all export fields are
resolve_names
When this parameter is set to true, the group and user names are resolved.
limit
Return no more than this many results at one time. (See resume.)
resume
parameters).
Object properties
Property Type
Description
total
integer
Provides the total number of shares displayed.
resume
string

share
share on page 70
Properties for a single share.
SMB open files resource

This resource returns a listing of all files that are currently open through SMB on the
queried node.
Operation
-
Get a list of files opened through

SMB
Method and URI

-
GET /platform/1/protocols/smb/openfiles
Close a file opened through SMB
DELETE /platform/1/protocols/smb/
openfiles/<file-id>

SMB open files
GET /platform/1/protocols/smb/openfiles?
describe

an SMB open file object
GET /platform/1/protocols/smb/openfiles/
<file-id>?describe
Query parameters
sort
Order results by this field. The default value is id.
dir
limit
resume
SMB open files resource
65
SMB resources
parameters).
Object properties
Property
Type
Description
total
integer
Provides the total number of open files available.
resume
string

used for continuation calls.
openfiles openfiles on page 73
Properties for SMB open files.
SMB sessions resource

This resource returns a listing of all SMB sessions that are currently open on the queried
node.
Operation
-
Get a list of SMB sessions
Method and URI

-
GET /platform/1/protocols/smb/sessions
Close an SMB session user
DELETE /platform/1/protocols/smb/sessions/
<computer>/<user>
Close an SMB session computer
DELETE /platform/1/protocols/smb/sessions/
<computer>

for the SMB session
GET /platform/1/protocols/smb/sessions?
describe

for the SMB session user
GET /platform/1/protocols/smb/sessions/
<computer>/<user>?describe

for the SMB session computer
GET /platform/1/protocols/smb/sessions/
<computer>?describe
Query parameters
sort
Order results by this field. The default sort value is id.
dir
limit
resume
parameters).
66
SMB resources
Object properties
Property Type
Description
total
integer
Provides the total number of sessions available.
resume
string

used for continuation calls.
sessions sessions on page 73
Properties for SMB sessions.
SMB share settings resource

This resource applies the standard system object pattern to default SMB share settings.
Operation
-
Get SMB share settings
Method and URI

-
GET /platform/1/protocols/smb/settings/
share
Modify SMB share settings
PUT /platform/1/protocols/smb/settings/
share

SMB share settings
share?describe
Query parameters
scope
Object properties
Property
Type
allow_execute_always
Boolean Enables users to execute files that

they have read rights for.
strict_locking
Boolean Specifies whether byte range locks

contend against SMB I/O.
hide_dot_files
Boolean Hides files and directories that begin

with a period.
impersonate_guest
string
strict_flush
Boolean Determines whether the data is

always flushed to disk.
mangle_byte_start
integer
Description
Specifies the condition in which user

access is performed as the guest
account.
The starting value for the automatic

byte mangling range (in decimal
notation).
SMB share settings resource
67
SMB resources
Property
Type
Description
directory_create_mask
integer
Specifies the permission bits (in

decimal notation) that can be set
when a directory is created.
directory_create_mode
integer
Specifies the permission bits that are

set when a directory is created.
file_create_mask
integer
Specifies the permission bits (in

decimal notation) that can be set
when a file is created.
file_create_mode
integer
Specifies the permission bits that are

set when a file is created.
create_permissions
string
Determines how permissions are set

for new files and directories in the
SMB share.
mangle_map
array
Specifies the character mangle map.
impersonate_user
string
Specifies the user account to be used

as a guest account.
change_notify
string
Specifies the level of change

notification alerts on the SMB share.
oplocks
Boolean Specifies whether or not to support

oplocks.
allow_delete_readonly
Boolean Specifies whether read-only files in

the SMB share can be deleted.
ntfs_acl_support
Boolean Supports NTFS Access Control List

(ACL) on files and directories.
access_based_enumeration
Boolean Enumerates only the files and folders

that the requesting user has access
to, but does not apply to the root
directory of the share.
access_based_enumeration_root_only Boolean Specifies whether access-based

enumeration is used in the root
directory of the SMB share.
host_acl
68
array
Provides a list of hostnames,

subnets, or IP addresses that are
allowed or denied access to the
share. All of these types are allowed
unless specifically denied. It is
recommended that a deny clause be
the final entry in the list.
SMB resources
SMB global settings resource

This resource applies the standard system object pattern to the global SMB share
settings.
Operation
-
Method and URI

-
Get the global SMB settings
global
Modify the global SMB settings
PUT /platform/1/protocols/smb/settings/
global

SMB share summary
global?describe
Query parameters
scope
When specified as effective, or when not specified, all the fields are returned. When
specified as user, only the fields with non-default values are returned. When
specified as default, the original values are returned.
Object properties and structure
Property
Type
service
Boolean Specifies whether the SMB service is enabled.
Description
access_based_share_enum Boolean Enumerates only shares that the requesting user

has access to.
audit_fileshare
string
Specifies the level of file share audit events to

log.
audit_logon
string
Specifies the level of logon audit events to log.
dot_snap_accessible_child Boolean Enables access to .snapshot directories in SMB

share subdirectories. This property does not
affect the root directory of the SMB share.
dot_snap_accessible_root
Boolean Enables access to the .snapshot directory in the

root of all the SMB shares.
dot_snap_visible_child
Boolean Shows .snapshot directories in the SMB share

subdirectories. This property does not affect the
root directory of the SMB share.
dot_snap_visible_root
Boolean Shows the .snapshot directory in the root of all

SMB shares.
enable_security_signatures Boolean Indicates whether the server supports signed

SMB packets.
guest_user
string
Specifies the fully qualified username to use for

guest access.
SMB global settings resource
69
SMB resources
Property
Type
Description
ignore_eas
Boolean Specifies whether to ignore extended attributes

(EAs) on files.
onefs_cpu_multiplier
integer
Specifies the number of OneFS driver worker

threads per CPU.
onefs_num_workers
integer
Sets the maximum number of OneFS driver

worker threads.
require_security_signatures Boolean Indicates whether the server requires signed

SMB packets.
server_string
string
Provides a description of the server.
srv_cpu_multiplier
integer
Specifies the number of SRV service worker

threads per CPU.
srv_num_workers
integer
Sets the maximum number of SRV service

worker threads.
support_netbios
Boolean Specifies whether NetBIOS support is supported

on the server.
support_smb2
Boolean Specifies whether the SMB2 protocol is

supported on the server.
Share properties
Object properties for an SMB share.
70
Property
Type
Description
run_as_root
run as root on
page 72
Lists the personas to be run

as root. The permissions for
the personas in this list
override permissions
specified elsewhere.
allow_execute_always
Boolean
Enables users to execute

files that they have read
rights for.
strict_locking
Boolean
Specifies whether byte

range locks contend with
SMB I/O.
hide_dot_files
Boolean
Hides files and directories

that begin with a period.
impersonate_guest
string
Specifies the condition in

which user access is
performed as the guest
account.
strict_flush
Boolean
Determines whether the

data is always flushed to
disk.
SMB resources
Property
Type
Description
mangle_byte_start
integer
Provides the starting value

for the automatic byte
mangling range (in decimal
notation).
directory_create_mask
integer
Specifies the permission

bits (in decimal notation)
that can be set when a
directory is created.
directory_create_mode
integer

bits that are set when a
directory is created.
file_create_mask
integer

bits (in decimal notation)
that can be set when a file is
created.
file_create_mode
integer

bits that are set when a file
is created.
create_permissions
string
Determines how
permissions are set for new
files and directories in the
SMB share.
mangle_map
array
Specifies the character

mangle map.
impersonate_user
string
Specifies the user account

to be used as a guest
account.
change_notify
string
Specifies the level of change

notification alerts on the
SMB share.
oplocks
Boolean
Specifies whether to support

oplocks.
allow_delete_readonly
Boolean
Specifies whether read-only

files in the SMB share can
be deleted.
ntfs_acl_support
Boolean
Supports NTFS access

control lists (ACLs) on files
and directories.
access_based_enumeration
Boolean
Enumerates only the files

and folders that the
requesting user has access
to. This does not apply to
the root directory of the
share.
Share properties
71
SMB resources
Property
Type
Description
access_based_enumeration_root_only Boolean
Specifies whether accessbased enumeration is used

in the root directory of the
SMB share.
host_acl
array
Lists the hostnames,

subnets, or IP addresses
that are allowed or denied
access to the share. All
types are allowed unless
specifically denied. It is
recommended that a deny
clause be the final entry in
the list.
inheritable_path_acl
string
Sets an inheritable ACL on

the SMB share path.
id
string
Provides the system ID given

to the SMB share. In a POST
request, this value is the ID
that refers to the item in the
collection item resource
path.
description
string
Describes the SMB share.
path
string
Provides the path of the

SMB share within /ifs.
name
string
Provides the SMB share

name.
csc_policy
string
Provides the client-side

caching policy for the SMB
shares.
browsable
Boolean
Ensures that the SMB share

is visible in net view and in
the browse list.
permissions
permissions on
page 73
Provides the ordered list of

permission modifications.
Run as root properties

Object properties for run as root.
Property Type
72
Description
id
integer Provides the serialized form of the persona (such as 'UID:0',

name
string
Provides the persona name, which must be combined with type.
type
string
Provides the type of persona, which must be combined with name.
SMB resources
Permissions properties
Object properties for permissions.
Property
Type
Description
permission
string
Provides the file system rights that are to be

allowed or denied.
permission_type string
Specifies whether to allow or deny the

permission.
trustee
A persona that consists of either a type and a

name or an id.
trustee on page
73
Trustee properties
Object properties for trustees.
Property Type
Description
id

name
string
Provides the persona name, which must be combined with type.
type
string
Provides the type of persona, which must be combined with name.
Open files properties

Object properties for open files.
Property
Type
id
integer Provides the system ID given to the file. In a POST request, this
value is the ID used to refer to the item in the collection item
resource path.
file
string
Provides the path of the file within /ifs.
user
string
Provides the name of the user with the file opened.
locks
integer Provides the number of locks the user holds on the file.
permissions string
Description
Provides the permissions on the file for the user.
Sessions properties
Object properties for an SMB session.
Property
Type
Description
id
integer
Provides the ID for the SMB session.
computer
string
Provides the internet address for the client.
user
string
Provides the local user name.
Permissions properties
73
SMB resources
Property
Type
Description
client_type
string
Provides the client type.
openfiles
integer
Provides the number of files current opened by the client.
active_time integer
Provides the number of seconds since the session started.
idle_time
Provides the number of seconds since the last client operation.
integer
guest_login Boolean When set to true, guests can log in.

encryption
74
Boolean When set to true, the session is encrypted.
CHAPTER 6
Quota resources
These resources allow users to retrieve, create, modify, or delete SmartQuotas

u
u
u
u
u
u
u
u
u
u
u
u
u
Quota license resource..........................................................................................76

Quota summary resource......................................................................................76
Quotas resource....................................................................................................77
Quota quotas notification rules resource...............................................................78
Quota reports resource..........................................................................................79
Quota about reports resource................................................................................81
Quota report settings resource..............................................................................81
Quota default notifications rules resource.............................................................82
Quota mappings settings resource........................................................................83
Quotas properties.................................................................................................84
Persona properties................................................................................................85
Usage properties...................................................................................................86
Threshold properties.............................................................................................86
Quota resources
75
Quota resources
Quota license resource

This resource retrieves license information for the SmartQuotas feature.
Operation
-
Method and URI

-
Get license information for a quota
GET /platform/1/quota/license
GET /platform/1/quota/license?
describe
View the detailed JSON schema for the quota

license
Query parameters
Object properties
Property
Type
Description
duration
integer Provides the total duration in seconds for temporary licenses.
expiration integer Provides the UNIX Epoch time when the license expires.
status
array
Provides the current status of the license. Possible states are:

activated, evaluation, expired, inactive, and unknown.
name
string
Provides the name of the licensed feature.
Quota summary resource

This resource returns summary information for file system quotas.
Operation
-
Method and URI

-
Get the quota collection summary.
GET /platform/1/quota/quotassummary
GET /platform/1/quota/quotassummary?describe
View detailed JSON schema for the quota

summary
Query parameters
Object properties
Property
Type
count
integer Provides the total number of quotas.
Description
default_group_quotas_count integer Provides the total number of default-group

quotas.
default_user_quotas_count
76
integer Provides the total number of default-user

quotas.
Quota resources
Property
Type
Description
directory_quotas_count
integer Provides the total number of directory quotas.
group_quotas_count
integer Provides the total number of group quotas.
linked_quotas_count
integer Provides the total number of user and group

totals that are linked.
user_quotas_count
integer Provides the total number of user quotas.
Quotas resource
This resource applies the standard collection pattern to file system quotas.
Operation
-
Get one quota
Method and URI

-
GET /platform/1/quota/quotas/<quota-id>
Get all quotas
GET /platform/1/quota/quotas
Create a quota
POST /platform/1/quota/quotas
Modify a quota
PUT /platform/1/quota/quotas/<quota-id>
Delete a quota
DELETE /platform/1/quota/quotas/<quotaid>
Delete all quotas
DELETE /platform/1/quota/quotas

all quotas
GET /platform/1/quota/quotas?describe
View the detailed JSON schema for a

single quota object
GET /platform/1/quota/quotas/<quota-id>?
describe
Query Parameters
path
Only applies to quotas matching this path (see recurse_path_*).
type
Only applies to quotas matching this type.
persona
Only applies to user or group quotas that match this persona. This parameter must be
used with the corresponding type argument).
include_snapshots
Only applies to quotas with the setting for include_snapshots.
enforced
Only applies to quotas with this enforcement (non-accounting).
exceeded
Only list quotas which have exceeded one or more of their thresholds.
recurse_path_parents
If used with the path argument, this parameter applies to all quotas at that path or at
any parent directory.
Quotas resource
77
Quota resources
recurse_path_children
If used with the path argument, this parameter applies to all quotas at that path or at
any descendent subdirectory.
report_id
Uses the named report as a source rather than the live quotas. See the quota reports
resource for a list of valid reports.
zone
An optionally named zone for user and group resolution.
resolve_names
If true, resolves group and user names in personas.
limit
Return no more than this many results at once (see resume).
resume
Continue returning results from a previous request (cannot be used with other
parameters).
Object Properties and Structure
Property
Type
Description
total
integer
Provides the total number of quotas available.
resume
integer

container Boolean
Enables the SMB shares using the quota directory to

see the quota threshold as the share size.
quotas
Properties for a quota.
quotas on page
84
Quota quotas notification rules resource

This resource applies the standard collection pattern to the notification rules for a quota.
Operation
-
78
Get a notification rule for a

quota
Method and URI

-
GET /platform/1/quota/quotas/<quota-id>/
notifications/<notification-id>
Get all notification rules for a

quota
notifications
Create notification rules for a

quota
POST /platform/1/quota/quotas/<quota-id>/
notifications
Create empty override

notification rules for a quota
PUT /platform/1/quota/quotas/<quota-id>/
notifications
Modify notification rules for a

quota
PUT /platform/1/quota/quotas/<quota-id>/
Delete notification rules for a

quota
DELETE /platform/1/quota/quotas/<quota-id>/
Quota resources
Operation
-
Method and URI

-
Delete all notification rules for a GET /platform/1/quota/quotas/<quota-id>/

notifications
quota
View detailed JSON schema for
quota notification rules
notifications?describe

a single quota notification rule
object
notifications/<notification-id>?describe
Query parameters
Object properties
Property
Type
Description
id
string
Provides the system ID given to the rule. In a POST

request, this is the ID of the created item that refers to
action_alert
string
Sends an alert when the rule matches.
action_email_address string
Sends an email to a specific address when the rule

matches.
action_email_owner
string
Sends an email to the quota domain owner when the

rule matches.
email_template
string
Provides the path of the optional /ifs template file

used for email.
condition
array
Provides the condition that must occur on the quota to

trigger notification actions. Options include: exceeded,
denied, violated, expired.
holdoff
integer Provides the time to wait between detections for rules

that are triggered by user actions.
Quota reports resource

This resource applies the standard collection pattern to quota reports.
Operation
-
Get a quota report
Method and URI

-
GET /platform/quota/reports/<reportid>?contents
Get all quota reports
GET /platform/quota/reports
Create a quota report
POST /platform/quota/reports/<reportid>?contents
Quota reports resource
79
Quota resources
Operation
-
Method and URI

-
Delete a quota report
DELETE /platform/quota/reports/<reportid>
View detailed JSON schema about

quota reports.
GET /platform/quota/reports?describe
View detailed JSON schema about a

single quota reports object.
GET /platform/quota/reports/<reportid>?describe
Query parameters
type
Only applies to reports matching this type.
generated
Applies to reports that match the source type (scheduled, manual, or all).
dir
limit
resume
parameters).
Object properties
80
Property
Type
total
integer Provides the total number of reports available.
id
string
Description
Provides the system ID given to the report. In a POST request, this

value is the ID that refers to the created item in the collection item
resource path.
generated string
Indicates whether the report was generated manually (live) or

scheduled.
type
string
Indicates whether the report is a summary report or detail report.
resume
string
Provides the value of the resume argument to be used for

continuation calls.
time
integer Provides the UNIX Epoch time that the report was generated.
Quota resources
Quota about reports resource

This resource applies the standard system object pattern to return metadata for
individual quota reports.
Operation
-
Method and URI
Get metadata about a report

about reports
GET /platform/1/quota/reports/<report-id>/
about
GET /platform/1/quota/reports/<report-id>/
about?describe
Query parameters
Object properties
Property
Type
Description
id
string
Provides the system ID given to the report. In a POST request, this is

the ID of the created item that refers to the item in the collection
item resource path.
generated string
Indicates whether the report was generated manually (live) or by a

schedule.
type
string
Indicates whether the report is a summary report or detail report.
time
integer Provides the UNIX Epoch time the report was taken.
Quota report settings resource

This resource applies the standard system object pattern to quota report settings.
Operation
-
Get quota report settings

Modify quota report settings
Method and URI

-
GET /platform/1/quota/settings/
reports
PUT /platform/1/quota/settings/
reports
View the detailed JSON schema about report GET /platform/1/quota/settings/

reports?describe
settings
Query parameters
Quota about reports resource
81
Quota resources
Object properties
Property
Type
Description
id
string
The system ID given to the rule. In a POST request, this is

the ID of the created item that is used to refer to the item in
the collection item resource path
live_dir
string
Provides the directory on /ifs where manual or live reports

are placed.
live_retain
integer Provides the number of manual reports to keep.
schedule
string
Provides the isidate schedule used to generate reports.
scheduled_dir
string
Provides the directory on /ifs where schedule reports are

placed.
scheduled_retain integer Provides the number of scheduled reports to keep.

schedule
string
Provides the schedule for repeated notification rules.
threshold
integer Provides the detected quota threshold.
Quota default notifications rules resource

This resource applies the standard collection pattern to default quota notification rules.
Operation
-
Get default global notification rules
Method and URI

-
or GET /platform/1/quota/quotas/<reportid>/notifications
Get a default global notification rule GET /platform/1/quota/settings/

or GET /platform/1/quota/quotas/<reportid>/notifications
Create a default global notification
rule
POST /platform/1/quota/settings/
or POST /platform/1/quota/quotas/<reportid>/notifications/<notification-id>
Modify a default global notification

rule
PUT /platform/1/quota/settings/
or PUT /platform/1/quota/quotas/<reportid>/notifications/<notification-id>
Delete default global notification

rules
DELETE /platform/1/quota/settings/
notifications
or DELETE /platform/1/quota/quotas/<reportid>/notifications
82
Quota resources
Operation
-
Method and URI
Delete a default global notification

rule
DELETE /platform/1/quota/settings/
or DELETE /platform/1/quota/quotas/<reportid>/notifications/<notification-id>

about global notification rules
notifications?describe

about a global notification rule
notifications/<notification-id>?describe
Query parameters
Object properties
Property
Type
Description
id
string
Provides the system ID given to the rule. In a POST

request, this is the ID of the created item that refers to
action_alert
string
Sends an alert when the rule matches.
action_email_address string
Sends an email to a specific address when the rule

matches.
action_email_owner
string
Sends an email to the quota domain owner when the

rule matches.
email_template
string
Provides the path of the optional /ifs template file

used for email.
condition
array
Provides the condition that must occur on the quota to

trigger notification actions. Options consist of:
exceeded, denied, violated, and expired.
holdoff
integer Provides the time to wait between detections for rules

triggered by user actions.
schedule
string
threshold
integer Provides the detected quota threshold.
Provides the schedule for repeated notification rules.
Quota mappings settings resource

This resource applies the standard collection pattern to quota notification email mapping
rules.
Operation
-
Get quota email mapping settings
Method and URI

-
GET /1/quota/settings/mappings
Quota mappings settings resource
83
Quota resources
Operation
-
Method and URI
Create quota email mapping settings
POST /1/quota/settings/mappings/
<domain>
Modify quota email mapping setting
PUT /1/quota/settings/mappings/
<domain>
Delete a quota email mapping setting
DELETE /1/quota/settings/mappings/
<domain>
Delete all quota email mapping settings
DELETE /1/quota/settings/mappings
View the detailed JSON schema for quota

email mapping settings
GET /1/quota/settings/mappings?
describe
View the detailed JSON schema for a quota GET /1/quota/settings/mappings/

<domain>?describe
email mapping settings object
Query parameters
Object properties
Property Type
Description
id
integer Provides the system ID given to the domain. In a POST request, this
is the ID of the created item that refers to the item in the collection
item resource path.
domain
string
Provides the fully qualified domain name of the source domain to

map.
mapping string
Provides the fully qualified domain name of the destination domain

to map to.
type
Provides the authentication provider type. Options include: ADS,

local, NIS, LDAP, and file.
array
Quotas properties
Object properties for quotas.
84
Property
Type
Description
id
string
Provides the system ID given to the

quota. In a POST request, this is the ID
of the created item that refers to the
item in the collection item resource
path.
enforced
Boolean
True if the quota provides

enforcement, otherwise an accounting
quota.
Quota resources
Property
Type
Description
force
string
Forces the creation of quotas on the

root of /ifs.
include_snapshots
Boolean
True if the quota governs snapshot

data as well as head data.
linked
Boolean
True if the quota for a user or group is

linked and controlled by a parent
default-* quota. Linked quotas cannot
be modified until they are unlinked.
notifications
array
Provides a summary of notifications:

custom indicates that one or more
notification rules are available from
the notifications sub-resource; default
indicates that the system default rules
are used; disabled indicates that no
notifications are used for this quota.
path
string
The /ifs path governed.
ready
Boolean
True if the accounting is accurate on

the quota. If false, this quota is
waiting on the completion of a
QuotaScan job.
thresholds_include_overhead Boolean
True if thresholds apply to the data

plus file system overhead that is
required to store the data (such as
physical usage).
type
array
Provides the type of quota.
persona
persona on
page 85
Properties for a persona. A persona

consists of either a name and a type or
an id.
usage
usage on page
86
Properties for quota usage.
thresholds
threshold on
page 86
Properties for quota thresholds.
Persona properties
Object properties for personas.
Property Type
Description
id

name
string
Provides the persona name, which must be combined with a type.
type
string
Provides the type of persona, which must be combined with a name.
Persona properties
85
Quota resources
Usage properties
Object properties for quota usage.
Property Type
Description
inodes
integer Provides the number of inodes (file system entities) used by

governed data.
logical
integer Provides the apparent bytes used by governed data.
physical integer Provides the bytes used for governed data and file system overhead.
Threshold properties
Object properties for quota thresholds.
Property
Type
Description
advisory
integer
Provides the usage bytes at which notifications are sent

but writes are not denied.
advisory_exceeded Boolean True if the advisory threshold was hit.
86
hard
integer
hard_exceeded
Boolean True if the hard threshold was hit.
soft
integer
soft_exceeded
Boolean True if the soft threshold was hit.
soft_grace
integer
Provides the usage bytes at which further writes are

denied.
Provides the usage bytes at which notifications are sent

and soft grace time is started.
Provides the time in seconds after which the soft

threshold is hit and before writes are denied.
CHAPTER 7
Snapshot resources
These resources allow users to retrieve, create, modify, or delete snapshot configurations
and settings.
u
u
u
u
u
u
u
u
u
u
u
Snapshot license resource....................................................................................88

Snapshot summary resource.................................................................................88
Snapshots resource..............................................................................................89
Snapshot schedules resource...............................................................................90
Snapshot locks resource.......................................................................................91
Snapshot pending resource...................................................................................92
Snapshot settings resource...................................................................................93
Snapshot properties..............................................................................................94
Schedules properties............................................................................................95
Lock properties.....................................................................................................95
Pending properties................................................................................................95
Snapshot resources
87
Snapshot resources
Snapshot license resource

This resource retrieves license information for SnapshotIQ.
Operation
-
Method and URI
Get license information for SnapshotIQ
GET /platform/1/snapshot/license
GET /platform/1/snapshot/license?
describe
View the detailed JSON schema for snapshots

license
Query parameters
Object properties
Property
Type
Description
duration
integer Provides the total duration in seconds for temporary licenses.
expiration integer Provides the UNIX Epoch time when the license expires.
status
array
Provides the current status of the license. Possible states are:

activated, evaluation, expired, inactive, and unknown.
name
string
Provides the name of the licensed feature.
Snapshot summary resource

This resource returns summary information for file system snapshots.
Operation
-
Method and URI

-
Get the snapshot summary

View the detailed JSON schema for snapshot
summary
GET /platform/1/snapshot/
snapshots-summary
snapshots-summary?describe
Query parameters
Object properties
Property
Type
count
integer Provides the total number of snapshots.
active_count
integer Provides the total number of snapshots that are not aliases or
pending for deletion.
Description
deleting_count integer Provides the total number of snapshots that are pending for
deletion.
88
Snapshot resources
Property
Type
Description
aliases_count
integer Provides the total number of snapshot aliases.
shadow_bytes integer Provides the number of bytes in a snapshot that are

referenced in a shadow store.
size
integer Provides the sum of sizes in bytes of all snapshots.
active_size
integer Provides the sum of sizes of snapshots that are not aliases or
pending for deletion.
deleting_size
integer Provides the sum of sizes of snapshots that are pending for
deletion.
Snapshots resource
This resource applies the standard collection pattern to file system snapshots.
Operation
-
Get a single snapshot
Method and URI

-
GET /platform/1/snapshot/snapshots/<id|
snapshot name>
Get a list of snapshots
GET /platform/1/snapshot/snapshots
Create a snapshot
POST /platform/1/snapshot/snapshots
Modify a snapshot
PUT /platform/1/snapshot/snapshots/<id|
snapshot name>
Delete a snapshot
DELETE /platform/1/snapshot/snapshots/<id|
snapshot name>
Delete all snapshots
DELETE /platform/1/snapshot/snapshots

for a single snapshot object
snapshot name>?describe

for snapshots
GET /platform/1/snapshot/snapshots?describe
Query parameters
sort
Order results by this field; options consist of id, name, path, created, expires, size,
has_locks, schedule, alias_target, alias_target_name, pct_filesystem, pct_reserve,
and state. The default value is id.
dir
schedule
Only list snapshots that were created by this schedule.
type
Only list snapshots that match this type.
state
Snapshots resource
89
Snapshot resources
Only list snapshots that match this state (such as active).

limit
resume
parameters).
Object properties
Property
Type
Description
total
integer
Provides the total number of items available.
resume
string

snapshots snapshots on page 94
Properties for a snapshot.
Snapshot schedules resource

This resource applies the standard collection pattern to snapshot schedules.
Operation
-
Get a single snapshot schedule
Method and URI

-
GET /platform/1/snapshot/schedules/<id|
schedule name>
Get a list of snapshot schedules
GET /platform/1/snapshot/schedules
Create a snapshot schedule
POST /platform/1/snapshot/schedules
Modify a snapshot schedule
PUT /platform/1/snapshot/schedules/<id|
schedule name>
Delete a snapshot schedule
DELETE /platform/1/snapshot/schedules/<id|
schedule name>
Delete all snapshot schedules
DELETE /platform/1/snapshot/schedules

for a single snapshot schedule
object
GET /platform/1/snapshot/schedules/<id|
schedule name>?describe

for snapshot schedules
GET /platform/1/snapshot/schedules?describe
Query parameters
sort
Order results by this field; options consist of id, name, path, pattern, schedule,
duration, alias, next_run, and next_snapshot. The default option is id.
dir
limit
90
Snapshot resources
resume
Continue returning results from previous request (cannot be used with other options).
Object properties
Property
Type
Description
total
integer
Provides the total number of schedules to display.
resume
string

schedules schedules on page 95
Properties for snapshot schedules.
Snapshot locks resource

This resource applies the standard collection pattern to locks on an individual snapshot.
Operation
-
Get a single lock on a

snapshot
Method and URI

-
GET /platform/1/snapshot/snapshots/<snapshotname|id>/locks/<lock-id>
Get a list of locks on a

snapshot
snapshot name>/locks
Create a lock on a snapshot
POST /platform/1/snapshot/snapshots/<snapshotname|id>/locks
Modify a lock on a snapshot
PUT /platform/1/snapshot/snapshots/<snapshotname|id>/locks/<lock-id>
Remove a lock from a

snapshot
DELETE /platform/1/snapshot/snapshots/<lockid>/locks
View the detailed JSON

schema for a single snapshot
lock object
GET /platform/1/snapshot/snapshots/<snapshotname|id>/locks/<lock-id>?describe
View the detailed JSON

schema for snapshot locks
snapshot name>/locks?describe
Query parameters
sort
Order results by this field; options consist of id, expires, and comment. The default
option is id.
dir
option is ascending.
limit
resume
parameters).
Snapshot locks resource
91
Snapshot resources
Object properties
Property Type
Description
total
integer
Provides the number of items available.
resume
string

for continuation calls.
locks
locks on page 95
Properties for a lock on a snapshot.
Snapshot pending resource

This resource applies the standard collection pattern to snapshots that will be generated
by a snapshot schedule.
Operation
-
Method and URI
Get a list of scheduled pending snapshots
View the detailed JSON schema for pending

snapshots
GET /platform/1/snapshot/pending
GET /platform/1/snapshot/pending?
describe
Query parameters
schedule
Limit output only to the named schedule.
begin
UNIX Epoch time to start generating matches. The default option is now.
end
UNIX Epoch time to end generating matches. The default option is forever.
limit
Return no more than this many results at once (see resume).
resume
parameters.)
Object properties
resume
Property Type
Description
resume

string
pending pending on page 95
92
Properties for pending snapshots.
Snapshot resources
Snapshot settings resource

This resource applies the standard settings pattern to global snapshot settings.
Operation
-
Method and URI

-
Get the current snapshot settings
GET /platform/1/snapshot/settings
Modify the current snapshot settings
PUT /platform/1/snapshot/settings
View the detailed JSON schema for snapshot

settings
settings?describe
Query parameters
Object properties
Property
Type
Description
service
Boolean True if the system allows snapshot creation.
autocreate
Boolean True if the scheduled snapshot creation services is

enabled.
autodelete
Boolean True if the scheduled snapshot deletion services is

enabled.
reserve
integer
Sets the percentage of space to reserve for

snapshots.
global_visible_accessible Boolean Enables a global switch for accessibility and

visibility settings of snapshot directories.
nfs_root_accessible
Boolean True if the root .snapshot directory is accessible

over NFS.
nfs_root_visible
Boolean True if the root .snapshot directory is visible over

NFS.
nfs_subdir_accessible
Boolean True if the subdirectory .snapshot directories are

accessible over NFS.
local_root_accessible

locally.
local_root_visible
Boolean True if the root .snapshot directory is visible

locally.
local_subdir_accessible

accessible locally.
smb_root_accessible

over SMB.
smb_root_visible
Boolean True if the root .snapshot directory is visible over

SMB.
Snapshot settings resource
93
Snapshot resources
Property
Type
Description
smb_subdir_accessible

accessible over SMB.
Snapshot properties
Object properties for snapshots.
Property
Type
Description
id
integer
Provides the system ID that is given to the snapshot. This

ID is useful for tracking the status of delete pending
snapshots, because after being marked for deletion, a
snapshot can no longer be referenced by name. In a POST
request, this value is the ID that refers to the item in the
collection item resource path.
name
string
Provides the user or system supplied snapshot name.

This value is null for snapshots that are pending delete.
shadow_bytes
integer
Provides the number of bytes in a snapshot that is

referenced in a shadow store.
schedule
string
Provides the name of the schedule used to create this

snapshot, if applicable.
created
integer
Provides the Unix Epoch time the snapshot was created.
expires
integer
Provides the Unix Epoch time the snapshot expires and is

eligible for automatic deletion.
path
string
Provides a snapshot of the /ifs path.
size
integer
Provides the amount of storage (in bytes) used to store

this snapshot.
pct_filesystem
integer
Provides the percentage of the /ifs directory that is

storing this snapshot.
pct_reserve
integer
Provides the percentage of the configured snapshot that

is reserved to store this snapshot.
alias_target
integer
Provides the ID of the snapshot pointed to if this value is

an alias.
alias_target_name string
94
The name of the snapshot pointed to if this value is an

alias.
has_locks
Boolean True if the snapshot has one or more locks present. See
the locks resource of a snapshot for a list of locks.
state
string
Provides the snapshot state. The options are active or

deleting.
Snapshot resources
Schedules properties
Object properties for schedules.
Property
Type
id
integer Provides the system ID given to the schedule. In a POST

request, this value is the ID that refers to the item in the
collection item resource path.
name
string
Provides the name of the schedule.
pattern
string
Creates names for snapshot schedules according to a pattern

with the strftime function.
path
string
Provides the path to take a snapshot of.
schedule
string
Provides the isidate compatible natural language description

of the schedule.
duration
integer Provides the amount of time before a snapshot is

automatically deleted by a schedule.
alias
string
next_run
integer Provides the UNIX Epoch time of next snapshot to be created.
next_snapshot string
Description
Provides the alternative name to create for each snapshot.
Provides the formatted name of the next snapshot to be

created.
Lock properties
Object properties for locks.
Property
Type
id
integer Provides the system generated lock ID. In a POST request, this value
refers to the item in the collection item resource path.
comment string
expires
Description
Provides the user-supplied lock comment.
integer Provides the UNIX Epoch time the snapshot lock expires and is
eligible for automatic deletion.
Pending properties
Object properties for pending snapshots.
Property
Type
Description
id
string
Provides the system supplied unique ID used for sorting and paging.
schedule string
time
Provides the name of the schedule that created this snapshot.
integer Provides the UNIX Epoch time the snapshot will be created.
snapshot string
Provides the system snapshot name formed from the schedule

formate.
Schedules properties
95
Snapshot resources
96
Property
Type
Description
path
string
Provides the /ifs path of the snapshot that is taken.
CHAPTER 8
Zones resources
These resources allow users to retrieve, create, modify, or delete access zone
u
u
u
Zones summary resource......................................................................................98

Zones resource......................................................................................................98
Zone persona properties.......................................................................................99
Zones resources
97
Zones resources
Zones summary resource

This resource returns summary information for access zones.
Operation
-
Method and URI

-
Get the zones summary
GET /platform/1/zones-summary
GET /platform/1/zones-summary?
describe
View detailed JSON schema for the zones

summary
Query parameters
Object properties
Property
Type
Description
count
integer
Provides the total number of zones.
Zones resource
This resource applies the standard collection pattern to access zones.
Operation
-
Method and URI

-
Get one zone
GET /platform/1/zones/<zone-id>
Get all zones
GET /platform/1/zones
Create a zone
POST /platform/1/zones
Modify a zone
PUT /platform/1/zones/<zone-id>
Delete a zone
DELETE /platform/1/zones/<zoneid>
View the detailed JSON schema for all zones
GET /platform/1/zones?describe
View the detailed JSON schema for a single

zone object
GET /platform/1/zones/<zone-id>?
describe
Query parameters
Object properties
98
Property
Type
Description
id
string
Provides the system ID for the zone. In a

POST request, this value is the ID that
refers to the item in the collection item
resource path.
Zones resources
Property
Type
Description
all_auth_providers
Boolean
Enables all authentication providers that

are available.
all_smb_shares
Boolean
Enables all SMB shares that are

available.
alternate_system_provider string
Provides an alternate system provider.
auth_providers
array
Provides the list of authentication

providers used on this zone.
cache_size
integer
Specifies the maximum size of zone inmemory cache.
home_directory_umask
integer
Provides the permissions set on

automatically created user home
directories.
local_provider
Boolean
Enables the local provider.
map_untrusted
string
Maps untrusted domains to the NetBIOS

domain during authentication.
name
string
Provides the zone name.
netbios_name
string
Provides the NetBIOS name.
skeleton_directory
string
Provides the skeleton directory that is

used for user home directories.
smb_shares
array
Provides the list of SMB share names

available within this zone.
system
Boolean
Indicates whether the zone is built-in.
system_provider
string
Provides the system provider for the

zone.
user_mapping_rules
array
Provides the current ID mapping rules.
zone_id
integer
Provides the zone ID on the system.
ifs_restricted
persona on
page 99
Returns an array of persona objects.
Zone persona properties

Object properties for zone personas.
Property Type
Description
id
integer The serialized form of the zone (such as 'UID:0', 'USER:name', 'GID:
0', 'GROUP:wheel', 'SID:S-1-1').
name
string
The persona name, which must be combined with type.
type
string
The type of persona, which must be combined with name.
Zone persona properties
99
Zones resources
100

Onefs Platform Api Reference 7 0 1 PDF

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Onefs Platform Api Reference 7 0 1 PDF

Uploaded by

Copyright:

Available Formats

Isilon

Platform API Reference

Published December, 2012

OneFS 7.0.1 Platform API Reference

Introduction to the Platform API

API architecture ..............................................................................................8

Platform API session resource

Auth user security token resource..................................................................20

OneFS 7.0.1 Platform API Reference

NFS exports summary resource......................................................................50

SMB shares summary resource.....................................................................64

Quota license resource..................................................................................76

Snapshot license resource............................................................................88

OneFS 7.0.1 Platform API Reference

Snapshot settings resource...........................................................................93

Zones summary resource..............................................................................98

OneFS 7.0.1 Platform API Reference

OneFS 7.0.1 Platform API Reference

An object is a logical grouping of system

A collection represents a group of the same or

A resource is an object, collection, or data

API architecture ......................................................................................................8

Introduction to the Platform API

Introduction to the Platform API

The PUT method enables partial modification of a resource through partial

The Platform API supports a maximum URI length of 8,198 characters.

Read a system object

OneFS 7.0.1 Platform API Reference

Introduction to the Platform API

Modify a system object

Read an entire collection

Read an object from a collection

Introduction to the Platform API

Create an object in a collection

Modify an object in a collection

Delete an object from a collection

OneFS 7.0.1 Platform API Reference

Introduction to the Platform API

Platform API self-documentation

Introduction to the Platform API

HTTP Basic Authentication

HTTP Basic Authentication conforms to RFC 2617, section 2.

Configure a session cookie

OneFS 7.0.1 Platform API Reference

Introduction to the Platform API

Configure a session cookie

Introduction to the Platform API

OneFS 7.0.1 Platform API Reference

Provides the username requesting access to the cluster.

Provides the password for the username requesting access

Provides a list of Platform API services to obtain access to.

integer Provides the number of seconds of inactivity before the

Platform API session resource

Platform API session resource

If the credentials validate, the following steps occur.

Send a request using a session cookie

Get information about the current session

Log out of a session

OneFS 7.0.1 Platform API Reference

Platform API session resource

Log out of a session

Platform API session resource