Retrieve an applied group policy object for an SVM
- PDF of this doc site
Collection of separate PDF docs
Creating your file...
GET /protocols/cifs/group-policies/{svm.uuid}/objects/{index}
Introduced In: 9.12
Retrieves applied group policy object for specified SVM.
Related ONTAP commands
-
vserver cifs group-policy show-applied
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
index |
integer |
path |
True |
Restricted group index. |
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
fields |
array[string] |
query |
False |
Specify the fields to return. |
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
central_access_policy_settings |
array[string] |
List of central access policies. |
central_access_policy_staging_audit_type |
string |
Types of events to be audited. |
enabled |
boolean |
Specifies whether group policies are enabled for the SVM. |
extensions |
array[string] |
List of extensions. |
file_system_path |
string |
File system path. |
index |
integer |
Group policy object index. |
ldap_path |
string |
LDAP path to the GPO. |
link |
string |
Link info. |
name |
string |
|
registry_settings |
||
security_settings |
||
svm |
Will not be populated for objects that are yet to be applied. |
|
uuid |
string |
Policy UUID. |
version |
integer |
Group policy object version. |
Example response
{
"central_access_policy_settings": [
"p1",
"p2"
],
"central_access_policy_staging_audit_type": "none",
"extensions": [
"audit",
"security"
],
"file_system_path": "\\test.com\\SysVol\\test.com\\policies\\{42474212-3f9d-4489-ae01-6fcf4f805d4c}",
"index": 1,
"ldap_path": "cn={42474212-3f9d-4489-ae01-6fcf4f805d4c},cn=policies,cn=system,DC=TEST,DC=COM",
"link": "domain",
"name": "test_policy",
"registry_settings": {
"branchcache": {
"hash_publication_mode": "disabled",
"supported_hash_version": "version1"
},
"refresh_time_interval": "P15M",
"refresh_time_random_offset": "P1D"
},
"security_settings": {
"event_audit_settings": {
"logon_type": "failure",
"object_access_type": "failure"
},
"event_log_settings": {
"max_size": 2048,
"retention_method": "do_not_overwrite"
},
"files_or_folders": [
"/vol1/home",
"/vol1/dir1"
],
"kerberos": {
"max_clock_skew": "P15M",
"max_renew_age": "P2D",
"max_ticket_age": "P24H"
},
"privilege_rights": {
"change_notify_users": [
"usr1",
"usr2"
],
"security_privilege_users": [
"usr1",
"usr2"
],
"take_ownership_users": [
"usr1",
"usr2"
]
},
"restrict_anonymous": {
"combined_restriction_for_anonymous_user": "no_access"
},
"restricted_groups": [
"test_grp1",
"test_grp2"
]
},
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"uuid": "42474212-3f9d-4489-ae01-6fcf4f805d4c",
"version": 7
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
group_policy_object_branchcache
Name | Type | Description |
---|---|---|
hash_publication_mode |
string |
Hash publication mode. |
supported_hash_version |
string |
Hash version. |
group_policy_object_registry_setting
Name | Type | Description |
---|---|---|
branchcache |
||
refresh_time_interval |
string |
Refresh time interval in ISO-8601 format. |
refresh_time_random_offset |
string |
Random offset in ISO-8601 format. |
group_policy_object_event_audit
Name | Type | Description |
---|---|---|
logon_type |
string |
Type of logon event to be audited. |
object_access_type |
string |
Type of object access to be audited. |
group_policy_object_event_log
Name | Type | Description |
---|---|---|
max_size |
integer |
Maximum size of security log, in kilobytes. |
retention_method |
string |
Audit log retention method. |
group_policy_object_kerberos
Name | Type | Description |
---|---|---|
max_clock_skew |
string |
Kerberos clock skew in ISO-8601 format. |
max_renew_age |
string |
Kerberos max renew age in ISO-8601 format. |
max_ticket_age |
string |
Kerberos max ticket age in ISO-8601 format. |
group_policy_object_privilege_right
Name | Type | Description |
---|---|---|
change_notify_users |
array[string] |
Users with traversing bypass privileges. |
security_privilege_users |
array[string] |
Users with security privileges. |
take_ownership_users |
array[string] |
Users who can take ownership of securable objects. |
group_policy_object_registry_value
Name | Type | Description |
---|---|---|
signing_required |
boolean |
SMB signing required. |
group_policy_object_restrict_anonymous
Name | Type | Description |
---|---|---|
anonymous_access_to_shares_and_named_pipes_restricted |
boolean |
Restrict anonymous access to shares and named pipes. |
combined_restriction_for_anonymous_user |
string |
Combined restriction for anonymous user. |
no_enumeration_of_sam_accounts |
boolean |
No enumeration of SAM accounts. |
no_enumeration_of_sam_accounts_and_shares |
boolean |
No enumeration of SAM accounts and shares. |
group_policy_object_security_setting
Name | Type | Description |
---|---|---|
event_audit_settings |
||
event_log_settings |
||
files_or_folders |
array[string] |
Files/Directories for file security. |
kerberos |
||
privilege_rights |
||
registry_values |
||
restrict_anonymous |
||
restricted_groups |
array[string] |
List of restricted groups. |
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
svm
Will not be populated for objects that are yet to be applied.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |