Software Development Kit (SDK) and API Discussions

Issue with hosts based authentication and https

richard_payne
7,447 Views

Hello,

I wrote a script using the SDK a few months ago. It's using 'HOSTS' as the auth style, with the transport_style of HTTPS. The intent was to load the snapmirror data from all of our file servers and for most of them it works just fine. I just setup two new filers and am receiving this error:

Warning: Error were encountered on this run!

Warning:User  does not have capability to invoke API snapmirror-get-status. for file server deadpool

and on the console:

Thu Aug 21 11:44:31 EDT [deadpool:useradmin.unauthorized.user:warning]: User '' denied access - missing required capability: 'api-snapmirror-get-status' 

Now the script is run from a host that has root access via rsh (and ssh FWIW) to the file server, and is run as root. Sure enough this is failing on both of the new hosts (these are running 8.2.1P2 if it matters). I did a diff on the options between this filer and a working filer and didn't see anything related to httpd or auth.

Now I also have 3 or 4 file server running 8.1 that return a similar message:

Warning:User XXX  does not have capability to invoke API snapmirror-get-status. for file server bucket

Now in this case the user XXX is the account we use the the RSA from the service processor. Again this is run as root from a root host, no where in the code am I using the XXX account (I even added a set_admin_user('root') as a test but no difference).

What am I missing?

thx,

--rdp

1 ACCEPTED SOLUTION

Richard_S
6,415 Views

Hi, this is in fact an ONTAP bug that has been previously identified and there is a bugfix release that can be obtained (at least it's available for 8.1.4 - it's version 8.1.4P1D7). Note that the bug is specific to the hosts.equiv auth method. The bug ID is 269652 - the description of which might be only available internally. If you can get hold of that version (8.1.4P1D7) I'd be interested to hear if it fixes your issue.

 

RS

View solution in original post

15 REPLIES 15
Public