REST API reference
Retrieve applied group policy objects for an SVM
Suggest changes
PDFs
GET /protocols/cifs/group-policies/{svm.uuid}/objects
Introduced In: 9.12
Retrieves applied group policy objects for specified SVM.
Related ONTAP commands
-
vserver cifs group-policy show-applied
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
name |
string |
query |
False |
Filter by name
|
extensions |
string |
query |
False |
Filter by extensions |
central_access_policy_settings |
string |
query |
False |
Filter by central_access_policy_settings |
registry_settings.branchcache.supported_hash_version |
string |
query |
False |
Filter by registry_settings.branchcache.supported_hash_version |
registry_settings.branchcache.hash_publication_mode |
string |
query |
False |
Filter by registry_settings.branchcache.hash_publication_mode |
registry_settings.refresh_time_random_offset |
string |
query |
False |
Filter by registry_settings.refresh_time_random_offset |
registry_settings.refresh_time_interval |
string |
query |
False |
Filter by registry_settings.refresh_time_interval |
link |
string |
query |
False |
Filter by link |
central_access_policy_staging_audit_type |
string |
query |
False |
Filter by central_access_policy_staging_audit_type |
uuid |
string |
query |
False |
Filter by uuid |
security_settings.restricted_groups |
string |
query |
False |
Filter by security_settings.restricted_groups |
security_settings.event_audit_settings.logon_type |
string |
query |
False |
Filter by security_settings.event_audit_settings.logon_type |
security_settings.event_audit_settings.object_access_type |
string |
query |
False |
Filter by security_settings.event_audit_settings.object_access_type |
security_settings.kerberos.max_clock_skew |
string |
query |
False |
Filter by security_settings.kerberos.max_clock_skew |
security_settings.kerberos.max_renew_age |
string |
query |
False |
Filter by security_settings.kerberos.max_renew_age |
security_settings.kerberos.max_ticket_age |
string |
query |
False |
Filter by security_settings.kerberos.max_ticket_age |
security_settings.files_or_folders |
string |
query |
False |
Filter by security_settings.files_or_folders |
security_settings.privilege_rights.change_notify_users |
string |
query |
False |
Filter by security_settings.privilege_rights.change_notify_users |
security_settings.privilege_rights.security_privilege_users |
string |
query |
False |
Filter by security_settings.privilege_rights.security_privilege_users |
security_settings.privilege_rights.take_ownership_users |
string |
query |
False |
Filter by security_settings.privilege_rights.take_ownership_users |
security_settings.restrict_anonymous.anonymous_access_to_shares_and_named_pipes_restricted |
boolean |
query |
False |
Filter by security_settings.restrict_anonymous.anonymous_access_to_shares_and_named_pipes_restricted |
security_settings.restrict_anonymous.no_enumeration_of_sam_accounts |
boolean |
query |
False |
Filter by security_settings.restrict_anonymous.no_enumeration_of_sam_accounts |
security_settings.restrict_anonymous.no_enumeration_of_sam_accounts_and_shares |
boolean |
query |
False |
Filter by security_settings.restrict_anonymous.no_enumeration_of_sam_accounts_and_shares |
security_settings.restrict_anonymous.combined_restriction_for_anonymous_user |
string |
query |
False |
Filter by security_settings.restrict_anonymous.combined_restriction_for_anonymous_user |
security_settings.event_log_settings.max_size |
integer |
query |
False |
Filter by security_settings.event_log_settings.max_size |
security_settings.event_log_settings.retention_method |
string |
query |
False |
Filter by security_settings.event_log_settings.retention_method |
security_settings.registry_values.signing_required |
boolean |
query |
False |
Filter by security_settings.registry_values.signing_required |
version |
integer |
query |
False |
Filter by version |
enabled |
boolean |
query |
False |
Filter by enabled |
index |
integer |
query |
False |
Filter by index |
ldap_path |
string |
query |
False |
Filter by ldap_path |
svm.name |
string |
query |
False |
Filter by svm.name |
file_system_path |
string |
query |
False |
Filter by file_system_path |
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
fields |
array[string] |
query |
False |
Specify the fields to return. |
return_records |
boolean |
query |
False |
The default is true for GET calls. When set to false, only the number of records is returned.
|
return_timeout |
integer |
query |
False |
The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.
|
max_records |
integer |
query |
False |
Limit the number of records returned. |
order_by |
array[string] |
query |
False |
Order results by specified fields and optional [asc |
Response
Status: 200, Ok| Name | Type | Description |
|---|---|---|
_links |
||
num_records |
integer |
Number of group policy objects. |
records |
array[group_policy_object] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"num_records": 1,
"records": {
"central_access_policy_settings": [
"p1",
"p2"
],
"central_access_policy_staging_audit_type": "none",
"extensions": [
"audit",
"security"
],
"file_system_path": "\\test.com\\SysVol\\test.com\\policies\\{42474212-3f9d-4489-ae01-6fcf4f805d4c}",
"index": 1,
"ldap_path": "cn={42474212-3f9d-4489-ae01-6fcf4f805d4c},cn=policies,cn=system,DC=TEST,DC=COM",
"link": "domain",
"name": "test_policy",
"registry_settings": {
"branchcache": {
"hash_publication_mode": "disabled",
"supported_hash_version": "version1"
},
"refresh_time_interval": "P15M",
"refresh_time_random_offset": "P1D"
},
"security_settings": {
"event_audit_settings": {
"logon_type": "failure",
"object_access_type": "failure"
},
"event_log_settings": {
"max_size": 2048,
"retention_method": "do_not_overwrite"
},
"files_or_folders": [
"/vol1/home",
"/vol1/dir1"
],
"kerberos": {
"max_clock_skew": "P15M",
"max_renew_age": "P2D",
"max_ticket_age": "P24H"
},
"privilege_rights": {
"change_notify_users": [
"usr1",
"usr2"
],
"security_privilege_users": [
"usr1",
"usr2"
],
"take_ownership_users": [
"usr1",
"usr2"
]
},
"restrict_anonymous": {
"combined_restriction_for_anonymous_user": "no_access"
},
"restricted_groups": [
"test_grp1",
"test_grp2"
]
},
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"uuid": "42474212-3f9d-4489-ae01-6fcf4f805d4c",
"version": 7
}
}Error
Status: Default, Error| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": {
"code": "string",
"message": "string"
},
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
next |
||
self |
group_policy_object_branchcache
| Name | Type | Description |
|---|---|---|
hash_publication_mode |
string |
Hash publication mode. |
supported_hash_version |
string |
Hash version. |
group_policy_object_registry_setting
| Name | Type | Description |
|---|---|---|
branchcache |
||
refresh_time_interval |
string |
Refresh time interval in ISO-8601 format. |
refresh_time_random_offset |
string |
Random offset in ISO-8601 format. |
group_policy_object_event_audit
| Name | Type | Description |
|---|---|---|
logon_type |
string |
Type of logon event to be audited. |
object_access_type |
string |
Type of object access to be audited. |
group_policy_object_event_log
| Name | Type | Description |
|---|---|---|
max_size |
integer |
Maximum size of security log, in kilobytes. |
retention_method |
string |
Audit log retention method. |
group_policy_object_kerberos
| Name | Type | Description |
|---|---|---|
max_clock_skew |
string |
Kerberos clock skew in ISO-8601 format. |
max_renew_age |
string |
Kerberos max renew age in ISO-8601 format. |
max_ticket_age |
string |
Kerberos max ticket age in ISO-8601 format. |
group_policy_object_privilege_right
| Name | Type | Description |
|---|---|---|
change_notify_users |
array[string] |
Users with traversing bypass privileges. |
security_privilege_users |
array[string] |
Users with security privileges. |
take_ownership_users |
array[string] |
Users who can take ownership of securable objects. |
group_policy_object_registry_value
| Name | Type | Description |
|---|---|---|
signing_required |
boolean |
SMB signing required. |
group_policy_object_restrict_anonymous
| Name | Type | Description |
|---|---|---|
anonymous_access_to_shares_and_named_pipes_restricted |
boolean |
Restrict anonymous access to shares and named pipes. |
combined_restriction_for_anonymous_user |
string |
Combined restriction for anonymous user. |
no_enumeration_of_sam_accounts |
boolean |
No enumeration of SAM accounts. |
no_enumeration_of_sam_accounts_and_shares |
boolean |
No enumeration of SAM accounts and shares. |
group_policy_object_security_setting
| Name | Type | Description |
|---|---|---|
event_audit_settings |
||
event_log_settings |
||
files_or_folders |
array[string] |
Files/Directories for file security. |
kerberos |
||
privilege_rights |
||
registry_values |
||
restrict_anonymous |
||
restricted_groups |
array[string] |
List of restricted groups. |
_links
| Name | Type | Description |
|---|---|---|
self |
svm
Will not be populated for objects that are yet to be applied.
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
group_policy_object
| Name | Type | Description |
|---|---|---|
central_access_policy_settings |
array[string] |
List of central access policies. |
central_access_policy_staging_audit_type |
string |
Types of events to be audited. |
enabled |
boolean |
Specifies whether group policies are enabled for the SVM. |
extensions |
array[string] |
List of extensions. |
file_system_path |
string |
File system path. |
index |
integer |
Group policy object index. |
ldap_path |
string |
LDAP path to the GPO. |
link |
string |
Link info. |
name |
string |
|
registry_settings |
||
security_settings |
||
svm |
Will not be populated for objects that are yet to be applied. |
|
uuid |
string |
Policy UUID. |
version |
integer |
Group policy object version. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |