Apresentar informações sobre as configurações do GPO
Você pode exibir informações sobre configurações de GPO (Group Policy Object) definidas no ative Directory e sobre configurações GPO aplicadas ao servidor CIFS.
Você pode exibir informações sobre todas as configurações de GPO definidas no ative Directory do domínio ao qual o servidor CIFS pertence, ou você pode exibir informações apenas sobre as configurações de GPO aplicadas a um servidor CIFS.
-
Exiba informações sobre as configurações do GPO executando uma das seguintes ações:
Se você quiser exibir informações sobre todas as configurações de Diretiva de Grupo… Digite o comando… Definido no ative Directory
vserver cifs group-policy show-defined -vserver vserver_name
Aplicado a uma máquina virtual de storage habilitada por CIFS (SVM)
vserver cifs group-policy show-applied -vserver vserver_name
O exemplo a seguir exibe as configurações de GPO definidas no ative Directory ao qual pertence o SVM habilitado para CIFS chamado VS1:
cluster1::> vserver cifs group-policy show-defined -vserver vs1 Vserver: vs1 ----------------------------- GPO Name: Default Domain Policy Level: Domain Status: enabled Advanced Audit Settings: Object Access: Central Access Policy Staging: failure Registry Settings: Refresh Time Interval: 22 Refresh Random Offset: 8 Hash Publication Mode for BranchCache: per-share Hash Version Support for BranchCache : version1 Security Settings: Event Audit and Event Log: Audit Logon Events: none Audit Object Access: success Log Retention Method: overwrite-as-needed Max Log Size: 16384 File Security: /vol1/home /vol1/dir1 Kerberos: Max Clock Skew: 5 Max Ticket Age: 10 Max Renew Age: 7 Privilege Rights: Take Ownership: usr1, usr2 Security Privilege: usr1, usr2 Change Notify: usr1, usr2 Registry Values: Signing Required: false Restrict Anonymous: No enumeration of SAM accounts: true No enumeration of SAM accounts and shares: false Restrict anonymous access to shares and named pipes: true Combined restriction for anonymous user: no-access Restricted Groups: gpr1 gpr2 Central Access Policy Settings: Policies: cap1 cap2 GPO Name: Resultant Set of Policy Status: enabled Advanced Audit Settings: Object Access: Central Access Policy Staging: failure Registry Settings: Refresh Time Interval: 22 Refresh Random Offset: 8 Hash Publication for Mode BranchCache: per-share Hash Version Support for BranchCache: version1 Security Settings: Event Audit and Event Log: Audit Logon Events: none Audit Object Access: success Log Retention Method: overwrite-as-needed Max Log Size: 16384 File Security: /vol1/home /vol1/dir1 Kerberos: Max Clock Skew: 5 Max Ticket Age: 10 Max Renew Age: 7 Privilege Rights: Take Ownership: usr1, usr2 Security Privilege: usr1, usr2 Change Notify: usr1, usr2 Registry Values: Signing Required: false Restrict Anonymous: No enumeration of SAM accounts: true No enumeration of SAM accounts and shares: false Restrict anonymous access to shares and named pipes: true Combined restriction for anonymous user: no-access Restricted Groups: gpr1 gpr2 Central Access Policy Settings: Policies: cap1 cap2
O exemplo a seguir exibe as configurações de GPO aplicadas ao SVM VS1 habilitado para CIFS:
cluster1::> vserver cifs group-policy show-applied -vserver vs1 Vserver: vs1 ----------------------------- GPO Name: Default Domain Policy Level: Domain Status: enabled Advanced Audit Settings: Object Access: Central Access Policy Staging: failure Registry Settings: Refresh Time Interval: 22 Refresh Random Offset: 8 Hash Publication Mode for BranchCache: per-share Hash Version Support for BranchCache: all-versions Security Settings: Event Audit and Event Log: Audit Logon Events: none Audit Object Access: success Log Retention Method: overwrite-as-needed Max Log Size: 16384 File Security: /vol1/home /vol1/dir1 Kerberos: Max Clock Skew: 5 Max Ticket Age: 10 Max Renew Age: 7 Privilege Rights: Take Ownership: usr1, usr2 Security Privilege: usr1, usr2 Change Notify: usr1, usr2 Registry Values: Signing Required: false Restrict Anonymous: No enumeration of SAM accounts: true No enumeration of SAM accounts and shares: false Restrict anonymous access to shares and named pipes: true Combined restriction for anonymous user: no-access Restricted Groups: gpr1 gpr2 Central Access Policy Settings: Policies: cap1 cap2 GPO Name: Resultant Set of Policy Level: RSOP Advanced Audit Settings: Object Access: Central Access Policy Staging: failure Registry Settings: Refresh Time Interval: 22 Refresh Random Offset: 8 Hash Publication Mode for BranchCache: per-share Hash Version Support for BranchCache: all-versions Security Settings: Event Audit and Event Log: Audit Logon Events: none Audit Object Access: success Log Retention Method: overwrite-as-needed Max Log Size: 16384 File Security: /vol1/home /vol1/dir1 Kerberos: Max Clock Skew: 5 Max Ticket Age: 10 Max Renew Age: 7 Privilege Rights: Take Ownership: usr1, usr2 Security Privilege: usr1, usr2 Change Notify: usr1, usr2 Registry Values: Signing Required: false Restrict Anonymous: No enumeration of SAM accounts: true No enumeration of SAM accounts and shares: false Restrict anonymous access to shares and named pipes: true Combined restriction for anonymous user: no-access Restricted Groups: gpr1 gpr2 Central Access Policy Settings: Policies: cap1 cap2