How to Use RBAC User Creator tool for Storage Replication Adapter 4.0

by Member on ‎2017-01-31 07:55 AM

Introduction


The RBAC User Creator for ONTAP® tool is a C# application that enables you to create RBAC usernames within ONTAP. You can use the RBAC User Creator tool to create users in both 7-mode and ONTAP environments.


The list of privileges created are stored in an XML (ontapPrivs.xml) file. The XML file enables you to gather the following information:


1. You can verify the privileges of the new user created by RBAC User Creator tool.
2. You can add privileges or products later without the need to recompile the application.


The RBAC User Creator tool is a framework where all the products and the privileges for those products are listed in the XML file. You can easily add support for another product or product version by updating the information in the XML file.

   

 

RBAC User Creator tool for Storage Replication Adapter 4.0


The RBAC User Creator tool is enhanced to allow creating new roles and users required for Storage Replication Adapter (SRA) 4.0 by adding additional information in the XML file.


Please note that Storage Replication Adapter (SRA) 4.0 supports ONTAP versions 8.3.2 onwards only.

 

Once you have downloaded and installed the RBAC User Creator tool from the ToolChest, you will need to perform the below steps to provide support for SRA 4.0.

 

Step 1: Replace XML for SRA 4.0 support


To enable support for SRA 4.0, please perform the following:


1. Download and keep a copy of the ontapPrivs.xml file (attached below).
2. Access the install directory of the RBAC User Creator tool.
This information is provided during installation. For example:- The default path would be: C:\Program Files (x86)\NetApp\RBAC User Creator
3. Replace the existing ontapPrivs.xml file with the downloaded .xml file.
4. Restart the RBAC User Creator tool.

 

You can start using the RBAC User Creator tool to create new roles and users.

Step 2: Setting up user names and privileges


You can create ONTAP user names with all the privileges required for SRA.


1. Enter the name of the root or admin user and IP of the storage system for which you want to create the user.
2. Click LOGIN .
The tool determines the controller type.
3. As the storage system is running ONTAP, the list of SVMs are displayed.
RBAC User Creator supports creating users on the Cluster-Admin SVM as well as on Data SVMs. Select the appropriate SVM from the drop-down list.
4. Select the product and product version.
For SRA 4.0, you must select product as “SRA for VMware SRM” and product version as “SRA 4.0 for VMware SRM”.
5. Select the ONTAP privilege role as “NAS/SAN Role”.
RBAC User Creator tool merges all the privileges from the selected roles and combines them in a sorted list.
6. Enter a name for the role , user, and password, and then click Submit.
NOTE: RBAC User Creator requires root or admin storage credentials for creating new user names.

 

Step 3: Adding storage systems


1. Log in into your SRA 4.0 system.
2. Add the storage system using the new username and password.


Known issues


While providing a role name, do not provide any names that begin with “vsadmin”. This will prevent creating any new roles or users.

 

 

Downloading and using RBAC User Creator


Refer to the following link for details regarding download and usage of RBAC User Creator tool:

How to use the RBAC User Creator for ONTAP

 

 

Resources

 

 

Comments
New Contributor

Thanks for doing this! Appreciated the work done

Warning!

This NetApp Community is public and open website that is indexed by search engines such as Google. Participation in the NetApp Community is voluntary. All content posted on the NetApp Community is publicly viewable and available. This includes the rich text editor which is not encrypted for https.

In accordance to our Code of Conduct and Community Terms of Use DO NOT post or attach the following:

  • Software files (compressed or uncompressed)
  • Files that require an End User License Agreement (EULA)
  • Confidential information
  • Personal data you do not want publicly available
  • Another’s personally identifiable information
  • Copyrighted materials without the permission of the copyright owner

Files and content that do not abide by the Community Terms of Use or Code of Conduct will be removed. Continued non-compliance may result in NetApp Community account restrictions or termination.