Hi!

I would like to create »read-only« user for monitoring using system manager.

I have created next role with these capatiblities:

useradmin role add monitor -a   api-aggr-check-spare-low,api-aggr-get*,api-aggr-list-info,api-aggr-options-list-info,api-cf-status,api-disk-list-info,api-disk-sanown-list-info,api-license-list-info,api-options-get,api-perf-object-get-instances,api-snapshot-reserve-list-info,api-snmp-status,api-system-get*,api-volume-get*,api-volume-list*,api-volume-options-list*,cli-priv,login-http-admin,api-clock-get-timezone,api-lun-list-info,api-igroup-list-info,api-cifs-share-list-iter-start,api-useradmin-user-list,api-useradmin-group-list,api-registry-list-info,api-registry-get,api-nfs-status,api-iscsi-interface-list-info,api-iscsi-service-status,api-fcp-service-status,api-fcp-adapter-list-info,api-file-read-file,api-options-list-info,api-snmp-get,api-perf-object-counter-list-info,api-clock-get-clock,api-snapshot-list-info,api-system-cli,cli-uptime,api-cifs-share-list-iter-next,api-lun-initiator-list-map-info,api-lun-get-comment,api-lun-map-list-info,login-ssh,api-registry-set

Then i have created group with role (»smonitor«):

Useradmin group add skr-fas-monitor –r monitor

And finally i have created user (»ro-user«):

Useradmin user add ro-user –g monitor

The problem is that i can login normally with that user in CLI interface (putty). Login into System Manager is not working. I have both capatibilities for login: »login-http-admin« and »login-ssh«.

DataONTAP version is 8.1.2. In version DataONTAP 7.3.6 this is working OK.

I have also found this KB: https://kb.netapp.com/support/index?page=content&id=1011412&locale=en_US

But also not working with 8.1.3.

Do i have to add some extra API-capatibilites for System Manager?

Can you help me with that? Does anybody know a solution for this?

Thank you!

Klemen