Active IQ Unified Manager Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Active IQ Unified Manager Discussions

Ask a Question

User manipulation fails on vfiler

heyfisch
‎2013-03-11 09:05 AM
7,836 Views

Hi,

while adding users on the root filer works fine, I have problems doing the same thing on the vfiler. WFA/PoSh comes back with a group error.

root Filer - all cool:

PS C:\Program Files\NetApp\WFA> New-NaUser -User wfa -Password mrgl0815  -Comment "wfa test" -Groups administrators

Name                 Comment                                  Groups

----                 -------                                  ------

wfa                  wfa test                                 {Administrators}

vFiler - strange group error:

PS C:\Program Files\NetApp\WFA> New-NaUser -User wfa -Password mrgl0815  -Comment "wfa test" -Groups administrators

New-NaUser : Could not add user <wfa>. Error: User cannot access group(s)

At line:1 char:11

+ New-NaUser <<<<  -User wfa -Password mrgl0815 -Comment "wfa test" -Groups administrators

    + CategoryInfo          : InvalidOperation: (itana09.muc:NaController) [New-NaUser], EINTERNALERROR

    + FullyQualifiedErrorId : ApiException,DataONTAP.PowerShell.SDK.Cmdlets.Useradmin.NewNaUser

Same thing happens, when creating the user without a group and trying to add the user to a group afterwords.

Any ideas?

Thx and rgds,

Dieter

0 Kudos
View By:
1 ACCEPTED SOLUTION

goodrum
NetApp Alumni
‎2013-03-11 12:07 PM
7,833 Views

The issue is that the vFiler command doesn't support adding the group when executed against the context of the vFiler.  This means that you need to use a two fold step to set the group for a new vFiler user.  Below is a code snippet from a command that I will soon publish called - Prepare System for Cifs.  In this case, we are either setting up Cifs on the vFiler0 or vFiler context and depending on the variable set, the appropriate selection is made.  The issue is with the PoSH cmdlet and not WFA or the syntax.  Hope this helps!

--SNIPPET CODE--

# Create Built-In Administrator Account

$userExists = Get-NAUser

if($builtin_admin -and !($userExists.name -contains "administrator"))

  {

    if(!$VfilerName)

    {

        Get-WFALogger -Info -message $("Setup CIFS Local Administrator account")

        New-NaUser Administrator $builtin_admin Administrators

    } else

    {

        $addAdmin = "vfiler run " + $VfilerName + " useradmin user modify administrator -g Administrators"

        Get-WFALogger -Info -message $("Setup CIFS Local Administrator account")

        New-NaUser Administrator $builtin_admin

        Invoke-NaSSH $addAdmin

    }

  }

########################

Jeremy Goodrum, NetApp

The Pirate

Twitter: @virtpirate

Blog: www.virtpirate.com

View solution in original post

0 Kudos
11 REPLIES 11
All Community Forums
Public