ONTAP Discussions

Create a user limited to create/delete snapshots on ontap 8.3

SorinAndruseac
3,646 Views

Hello,

 

I'm trying to create a user/pass to conect to the netapp storage from powershell and create/delete snapshots using this account. Preferable to have a more restrictive set of permissions.

And also a document on svm users vs cluster users if anyone knows, besides system administration guide.

 

BIG THANKS for any ideea.

 

 

1 ACCEPTED SOLUTION

georgevj
3,606 Views

security login role create snapRole -cmddirname "volume snapshot" -access all -vserver <vservername>
security login role modify -role snapRole -cmddirname DEFAULT -vserver <vservername> -access none
security login create -user-or-group-name snapUser -application ontapi -authmethod password -role snapRole -vserver <vservername>

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.

View solution in original post

4 REPLIES 4

georgevj
3,607 Views

security login role create snapRole -cmddirname "volume snapshot" -access all -vserver <vservername>
security login role modify -role snapRole -cmddirname DEFAULT -vserver <vservername> -access none
security login create -user-or-group-name snapUser -application ontapi -authmethod password -role snapRole -vserver <vservername>

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.

SorinAndruseac
3,586 Views

This is briliant, 

 

 

However when trying to connect on the managment interface of the svm, I get this error:

 

Connect-NcController : Insufficient privileges: user 'snapUser' does not have read access to this resource

 

 

 

SorinAndruseac
3,558 Views

I had to add the following. Seems to be working.

 

security login role modify -role snapRole -cmddirname version -vserver <vservername> -access all

 

 

BIG THANKS for the ideea 

georgevj
3,550 Views

You are welcome!

Its good to know that I did help someone today 🙂

Much Appreciated.

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Cannot find the answer you need? No need to open a support case - just CHAT and we’ll handle it for you.
Public