Skip to main content
SANtricity commands

Downloadable SMcli command line parameters

Contributors netapp-driley
PDFs

11.60 and newer downloadable SMcli command line parameters

The SANtricity OS 11.60 release includes the ability to download and install the http-based version of CLI (also referred to as "Secure CLI" or SMcli) directly through the SANtricity System Manager. This downloadable version of the SMcli is available on EF600, EF300, E5700, EF570, E2800, and EF280 controllers. To download the SMcli within the SANtricity System Manager, select Settings > System and Add-ons > Command Line Interface .

Note A Java Runtime Environment (JRE), version 8 and above, must be available on the management system where you plan to run the CLI commands.

As with previous versions of the SMcli, the SMcli downloadable through the SANtricity System Manager has a unique set of parameters. For information on using command line parameters for SANtricity OS 11.53 and older releases, see Legacy command line parameters

Multifactor authentication

If SAML (Security Assertion Markup Language) is enabled, only access tokens can be used with the CLI. If SAML is not enabled, the username/password or access tokens can be used. Access tokens can be generated through the SANtricity System Manager.

Table 1. Access token, username, and password parameters
Parameter Definition

-t

Defines the access token to be used for authentication with a storage array. An access token is a replacement for supplying the username and password.

-T (uppercase)

This argument requires one of two arguments:

  • access_token-file - Contains the access token to use for authentication

  • -(dash) - Read the access token from stdin

-u

Follow this parameter with the username variable. This parameter is required whenever an access token is not used.

-p

Defines the password for the storage array on which you want to run commands. A password is not necessary under these conditions:

  • A password has not been set on the storage array.

  • The password is specified in a script file that you are running.

-P (uppercase)

This argument requires one of two arguments:

  • password_file - Contains the password to use for authentication.

  • - (one dash) - Read the password from stdin.

General https mode command line parameters

The downloadable SMcli only supports https mode. The following are commonly used command line parameters for https mode.

Table 2. https command line parameters
Parameter Definition

host-name-or-IP-address

Specifies either the host name or the Internet Protocol (IP) address (xxx.xxx.xxx.xxx) of an out-of-band managed storage array.

When managing out-of-band storage management through the Ethernet connection on each controller, you must specify the host-name-or-IP-address of the controllers.

-k

This optional argument allows an https client to operate in insecure mode. This means that the storage array's certificate will not be validated. By default, if omitted, the proper validation will be performed.

Note For additional information on managing storage array certificates, see Managing stored certificates command line parameters.

-e

Runs the commands without performing a syntax check first.

-L (uppercase)

Displays the legal notices for Downloadable SMcli.

-n

Specifies the locally stored label on which you want to run the script commands. This is optional when you use host-name-or-IP-address. The locally stored label is required when the host-name-or-IP-address is not used.

Note For additional information on using locally stored labels to manage storage arrays, see Managing stored arrays command line parameters.

-o

Specifies a file name for all output text that is a result of running the script commands. Use the -o parameter with these parameters:

  • -c

  • -f

If you do not specify an output file, the output text goes to standard output (stdout). All output from commands that are not script commands is sent to stdout, regardless of whether this parameter is set.

-S (uppercase)

Suppresses informational messages describing the command progress that appear when you run script commands. (Suppressing informational messages is also called silent mode.) This parameter suppresses these messages:

  • Performing syntax check

  • Syntax check complete

  • Executing script

  • Script execution complete

  • SMcli completed successfully

-version

Displays the downloadable SMcli version

-?

Shows usage information about the CLI commands.

Managing stored arrays

The following command line parameters allow you to manage stored arrays through your locally stored label.

Note The locally stored label may not match the actual storage array name displayed under the SANtricity System Manager.
Table 3. Managing stored arrays command line parameters
Parameter Definition

SMcli storageArrayLabel show all

Displays all locally stored labels and their associated addresses

SMcli storageArrayLabel show label <LABEL>

Displays the addresses associated with the locally stored label named <LABEL>

SMcli storageArrayLabel delete all

Deletes all locally stored labels

SMcli storageArrayLabel delete label <LABEL>

Deletes the locally stored label named <LABEL>

SMcli <host-name-or-IP-address> [host-name-or-IP-address] storageArrayLabel add label <LABEL>

  • Adds a locally stored label with name <LABEL> containing the addresses provided

  • Updates are not directly supported. To update, delete label and then re-add.

Note The SMcli does not contact the storage array when adding a locally stored label.
Table 4. Managing stored certificates command line parameters
Parameter Definition

SMcli localCertificate show all

Displays all trusted certificates stored locally

SMcli localCertificate show alias <ALIAS>

Displays a locally stored trusted certificate with the alias <ALIAS>

SMcli localCertificate delete all

Deletes all trusted certificates stored locally

SMcli localCertificate delete alias <ALIAS>

Deletes a locally stored trusted certificate with the alias <ALIAS>

SMcli localCertificate trust file <CERT_FILE> alias <ALIAS>

  • Saves a certificate to be trusted with the alias <ALIAS>

  • The certificate to be trusted is downloaded from the controller in a separate operation, such as using a web browser

SMcli <host-name-or-IP-address> [host-name-or-IP-address] localCertificate trust

  • Connects to each address and saves the certificate returned into the trusted certificate store

  • The hostname or IP address specified is used as the alias for each certificate saved this way

  • User should verify the certificate on the controller(s) is to be trusted before running this command

  • For highest security, the trust command that takes a file should be used to ensure the certificate did not change between user validation and running of this command