Skip to main content
NetApp Knowledge Base

What are the options available as Antivirus Connector Command Line Switches

Views:
3,204
Visibility:
Public
Votes:
3
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9
  • Antivirus (Vscan)
  • ONTAP AV Connector

Answer

Below are the list of command line switches available for the AV Connector and use case examples

IpAddrToDns
  • Users will be using DNS load balancing round-robin and this can prevent the AV Connector from connecting to data LIFs on some nodes.
    • Setting the /IpAddrToDns to true will enable reverse DNS lookups from the AV Connector (default behavior)
    • Setting the /IpAddrToDns to falesewill disable reverse DNS lookups from the AV Connector 
  • From a CMD window on the Vscan server, run net start ontapavc /ipaddrtodns:<true/false>

Example:

C:\Users\Administrator>net start ontapavc /ipaddrtodns:false
The ONTAP AV Connector service is starting.
The ONTAP AV Connector service was started successfully.

transport and port
  • By default, the AV Connector issues ONTAPI calls to get a list of data LIFS over HTTPS and port 443
  • The mechanism to change this behavior is listed below:
  • /transport:http
    • With this setting, the AV Connector will utilize HTTP
    • This will need to be used in conjunction with the /port setting to port 80
  • /transport:https
    • With this setting, the AV Connector will utilize https. It will need to be used in conjunction with the /port setting to default back to port 443
    • This parameter is not required as this is the default behavior
  • /port:<port>
    • Values can be set for: 1 > 65535 (default 443)
  • By default, the AV Connector issues ONTAPI calls to get a list of data LIFS over HTTPS and port 443
  • The mechanism to change this behavior is listed below:
  • /transport:http
    • With this setting, the AV Connector will utilize HTTP
    • This will need to be used in conjunction with the /port setting to port 80
  • /transport:https
    • With this setting, the AV Connector will utilize https. It will need to be used in conjunction with the /port setting to default back to port 443
    • This parameter is not required as this is the default behavior
  • /port:<port>
    • Values can be set for: 1 > 65535 (default 443)

Note:  This methodcan be used in troubleshooting contents of the ZAPI call, needs to be captured in a packet trace or in situations where non-default ports are utilized for transport.

  • From the Vscan server, use a CMD promp to run: net start ontapavc /transport: http /port:80

Example:

C:\Users\Administrator>net start ontapavc /transport:http /port:80
The ONTAP AV Connector service is starting.
The ONTAP AV Connector service was started successfully.

Note: The same transport and port settings can be used when utilizing the AV Connector GUI for testing of ZAPI calls to the SVM.
 
  • Changing via this method will only affect the TEST functionality built into the GUI
  • Two ways to accomplish this:
    • Add parameters to the shortcut:

avconnector_1.png

Other Switches
  • Other switches that are available with AV Connector
    • Command-line option (version 1.0.3 and up) (/updatePassword:<user>:<newPassword>) for changing the password of an account.
      • Once mregfa application (“Configure ONTAP Management LIFs”) is run with this option, it goes through the list of mgmt entries and changes the passwords for the entries whose user-name matches the supplied user-name. For the entries with different user, it does nothing.
    • Silent install: /S /v /qn SVCUSERNAME=* SRV_PASSWORD=*
      • There is a way to install a windows executable silently
      • This can be used if users are planning to deploy a large number of AV servers: 
        • C:\>”ONTAP AV Connector-1.0.4.exe” /S /v /qn SVCUSERNAME=domain\admin SRV_PASSWORD=mypasswd"
  • Users might be able to utilize this procedure to try and automate AV Connector installs\configurations in their environment
    • This might require scripting knowledge and is outside the scope of Netapp Technical Support
      • Slient install:
        • C:\tempdir>"ONTAP AV Connector-1.0.4.exe" /S /v" /qn SVCUSERNAME=domaina\administrator SRV_PASSWORD=pass123!"
      • Add multi-string registry with some random password:
        • C:\>reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Data ONTAP\Clustered Data ONTAP Antivirus Connector\v1.0\mgmt-lifs" /v mgmt-lif:60:10.238.7.21 /t REG_MULTI_SZ /d "fsct\administrator\0randompassword\0"
          The operation completed successfully.
      • Update the password:
        • This also obfuscates the credentials and changes the registry format to binary
          • C:\Program Files (x86)\ONTAP AV Connector>mregfa.exe [/updatePassword:[user]:[password]]
          • C:\Program Files (x86)\ONTAP AV Connector>mregfa.exe /updatepassword:vsadmin:cifs*1234
      • Remote execution:
        • PS C:\Users\administrator.DOM> invoke-command -ComputerName vmwin204-254 -ScriptBlock { & 'C:\Program Files (x86)\ONTAP AV Connector\mregfa.exe' -something "/updatePassword:admin:netapp1!" }

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.