Beruflich Dokumente
Kultur Dokumente
Centro de soporte de HPE
HPE
3PAR File Persona Software Suite - Troubleshooting File Persona
Troubleshooting file persona
Link to the list of available documents
Troubleshooting file persona
Refer to the following list of possible troubleshooting scenarios that could arise when using File Persona.
1. Problem:
Windows 2012 clients cannot see new/updated NFS files without refreshing the Windows Explorerwindow.
Cause:
This is a Microsoft Windows Server 2012 (without R2) bug. Windows Server 2012 does not handle theSMB Notification of NFS
updated files correctly. Whenever clients write something new, the DirectoryChange Notification (DCN) feature should show the
Windows user the new files on the WindowsExplorer window without having the user refresh the window.
Solution:
• Upgrade to Windows Server 2012 R2.
• Use the function key F5 to refresh the window if the file you expect to see does not appear.
2. Problem:
Performance of directory listing of a File Persona NFS share with an NFSv4 client slow when usingLDAP
Cause:
There are known performance issues when NFSv4 and LDAP are paired that result in slow directorylisting.
Solution:
There is no solution that exists from the File Persona side as this is an NFSv4 related issue.Alternatively, NFSv3 performs better.
3. Problem:
NFS and Object Access API users don’t have folder access if permissions are given with the built-in“Domain Users” group.
Cause:
This is an Active Directory behaviour when the System Security Services Daemon (SSSD) is beingused on a client in
RFC2307 provisioned mode. The SSSD does not resolve the “Domain Users” group inan Active Directory.
Solution:
This is not a File Persona related issue. To resolve this, opt for BeyondTrust’s PowerBrokerIdentity Services Open
instead of using SSSD on the client experiencing the issue. BeyondTrust’s PowerBroker Identity Services Open will
resolve the "Domain Users" groupin both provisioned mode (RFC2307 is on) and non-provisioned mode ( RFC2307 is off).
4. Problem:
Setting LSASS provisioned mode fails to provide NFSv4 ID mapping
Cause:
Setting the Local Security Authority Subsystem Service (LSASS) in provisioned mode willfail to provide NFSv4 ID
mapping without the Schmmgmt.dll file installed. This is only seen when the RFC2307 mode is on, and only on Active Directory
servers that do not have the Schmmgmt.dll fileloaded.
Solution:
Load the Schmmgmt.dl provided by Microsoft Windows. Windows Server 2012 R2has the Schmmgmt.dll file loaded by
default.Windows Server 2008 doesn't load it by default. To load the Schmmgmt.dll on the Windows Server 2012 R2 run the
command: regsvr32 schmmgmt.dll
5. Problem:
When restricting access to domain NFS shares if wildcard option is used to specify the Client IP an erroris generated
Cause:
When restricting access to domain NFS shares, a Fully Qualified Domain Name (FQDN) of the hostshould be specified. If the
wildcard option is used when specifying the client IP there might be an issue.
Solution:
Reverse lookup allows clients on the domain access to mount an NFS share. When restricting accessto domain NFS shares,
specify an FQDN. When configuring Reverse lookup configure the FQDN andnot an alias. Example: Do not use an alias like sys1.
Use the FQDN: sys1.hpe.com.
6. Problem:
Incorrect scan count found when a read operation is performed on infected files using Object Access API
Cause:
When a file is scanned and is found to be infected, a quarantined link pointing to the infected file iscreated and the permission of the
file is changed to “access denied”. If the creation of the quarantine linkfails due to limitations on quota, the file is not stamped as
scanned. Since the file is not marked asscanned, the filesystem will trigger the file for scanning whenever accessed till the
quarantined link to thefile has been created successfully and has been marked as stamped.
Solution:
There is an upper limit on the inode quota in the system. When the limit is reached, the user will get awarning and the user is
expected to perform further action, such as remove files or increase the limit tomake quota available.
7. Problem:
When editing WORM files in the vi editor, empty files are being created in File Store
Cause:
If you attempt to edit a WORM file in the retained state, applications such as the vi editor will be unableto edit the file, but will leave
empty temporary files on the File Store. User must manually delete thesetemporary files.
Solution:
This is a typical vieditor behaviour, WORM logic has no control over how these temporary files arecreated or deleted by the
viapplication. This condition is benign for the end user.
8. Problem:
Applications such asvi editor appear to update WORM files with the default retention period
Cause:
If you use an editor such as vi to edit a WORM file that is not in the retained state, the file will bemodified and it will be retained with
the default retention period.
Solution:
This is expected behaviour. The file modification occurs because the vi editor edits a temporary copy ofthe file, tries to rename it to
the real file, and when this fails, it deletes the original file and then renamesit, which succeeds (because un retained WORM files are
allowed to be deleted). Avoid the use of vi toedit WORM files that are not in retained state.
9. Problem:
The retention period of a WORM or retained files extracted from a tar file is different from the original file.
Cause:
When a tar file with WORM or retained files is extracted, the retention period of the extracted files will bereset to the default retention
period from the time of file extraction.
Solution:
https://internal.support.hpe.com/hpsc/doc/public/display?docId=emr_na... 24/10/2019
Page 2 of 3
This is expected behaviour. This will be observed if the Tar tool version is v1.16_1 or above.
10. Problem:
Failed to failover fpg_name: Existing operation mount file system for FPG fpg_name is already pendingand is in conflict with
requested mount file system operation.
Cause:
The FPG Failover is Unsuccessful.
Solution:
Wait for a few seconds and retry the Failover on the FPG.
11. Problem:
Error message "Argument list too long" error message in showfsarchive, removefsarchive or setfsarchive
commands
Cause:
This error occurs when the command line length exceeds the kernel limitation.
Solution:
Use the inputfile option in the showfsarchive/removefsarchive/setfsarchive commands.
Please make note of the following:
• Wild card characters are not supported when using the inputfile option.
• All the files/directories inside the directory provided in the inputfile are accounted recursively
12. Problem:
Difference in quota capacity when passed from an archived config file in comparison to the values listedusing showfsquota
command
Cause:
When quota is set using setfsquota command the soft and hard limit of quota is set in MB. Whereas,the archived quota config file
has its quota values set in KB.
Solution:
The configurations settings of the setfsquota command and archive quota config file are structuredthis way. There is no solution to
this probem, but being aware of the difference in the quota units.
13. Problem:
Antivirus scan on a Virtual File Server (VFS) or a File Store failing
Cause:
Check to see whether the File Provisioning Group is full or not.
Solution:
The File Provisioning Group (FPG) cannot initiate an antivirus scan if it is full.
Remove files or increase the size of the FPG to make space available.
14. Problem:
User/group name/ID/SID lookup fails with error 40, 404 or 40, 405 when username mapping isenabled.
Cause:
This condition happens when the "ToName" user or group has been configured with a UID/GID value ofless than 1
Solution:
Ensure that UID/GID values less than 1 are not used in the "ToName" user or group.
15. Problem:
Unable to mount an SMB share. Error Access denied. Can mount SMB share only with the Local_cluster\administrator
user. The share was created on an NTFS enabled File Store with Everyone:fullcontrol permissions.
Cause:
The Everyone: full control permission given at the share creation is specific to the SMB sharewhich is checked before the
Access Control List (ACL) is read. This problem is NOT related to the ACLon the share root directory. This is a general Windows
behaviour and is not specific to File Persona.
Solution:
The share root directory must have an ACL that permits specific users access. In NTFS security mode,the default permissions at the
share root directory can be changed from:
• Windows Client's SYSTEM@NT_AUTHORITY or Window's Domain Administrator
• Via the 3PAR CLI or GUI (SSMC)
In NTFS security mode, if a share is created at the File Store root, default share directory permissionsare as follows:
• From a Windows Client:
• Everyone has permissions to mount and traverse to the mount point from a Windows client
(noninheritablepermissions).
• Only SYSTEM@NT_AUTHORITY (equivalent to root in Windows), and members of theAdministrators group in the
Windows domain have additional permissions, full-control (inheritablepermissions).
• From an NFS Client (or a POSIX client):
• Everyone has permissions to traverse to the mount point (non-inheritable permissions)
• Only members of the Administrators group (if in the same domain as server node) have additionalpermissions, full-
control (inheritable permissions).
If a share is created at any level below the File Store root, share directory permissions are inherited fromthe parent directory.
• From a Windows Client:
• Only SYSTEM@NT_AUTHORITY (equivalent to root in Windows), and members of theAdministrators group in the
Windows domain have any permissions, full-control (inheritablepermissions).
• From an NFS Client (or a POSIX client):
• Only members of the Administrators group (if in the same domain as server node) havepermissions, full-control
(inheritable permissions).
16. Problem:
When Robocopy is run to copy files in an SMB share, all new, edited and unedited files are being copied.
Cause:
Robocopy incorrectly detects files as new when copying between different file systems. Robocopycompares the time stamp for each
file at a very granular level and due to this assumes that each file hasbeen edited. Consequently it copies each file at every run.
Solution:
Use the command robocopy with the /FFT option: robocopy: /FFT. This forces robocopy to use FATstyle time stamps which
have a 2-second granularity. This granularity allows enough time difference toaccount for when copying a file from NTFS to another
file system.
17. Problem:
No alert generated when LDAP is configured incorrectly.
Customers may think their LDAP is configured correctly when it isn't working properly.
Cause:
Using incorrect settings to configure LDAP
Solution:
Run the showfs -ldap command and check the base parameter value whether it is being showncorrectly or not.
Try querying any LDAP user. If the user query is successful then the configuration is correct.
18. Problem:
Changing bond mode when file services were active resulted in loss of network access
Cause:
Once file services have been put into operation and are in active use, changing the network bond modefrom 6 to 1 (or vice versa)
may result in loss of network access to file services.
Solution:
It is recommended that file services be taken temporarily out of operation before changing bond modeand then returned to operation.
The following steps can be used to set bond mode safely (note that thisprocess will cause a temporary outage, so choose a time of
low usage when performing these steps).
https://internal.support.hpe.com/hpsc/doc/public/display?docId=emr_na... 24/10/2019
Page 3 of 3
top
Link
to the list of available documents
Click here to view the list of documents available for HPE 3PAR File Persona Software Suite .
top
https://internal.support.hpe.com/hpsc/doc/public/display?docId=emr_na... 24/10/2019