Effective December 3, NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources.For accounts that did not pre-register (prior to Dec 3), access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity.To learn more, read the FAQ and watch the video.Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.
I would like to create »read-only« user for monitoring using system manager.
I have created next role with these capatiblities:
useradmin role add monitor -a api-aggr-check-spare-low,api-aggr-get*,api-aggr-list-info,api-aggr-options-list-info,api-cf-status,api-disk-list-info,api-disk-sanown-list-info,api-license-list-info,api-options-get,api-perf-object-get-instances,api-snapshot-reserve-list-info,api-snmp-status,api-system-get*,api-volume-get*,api-volume-list*,api-volume-options-list*,cli-priv,login-http-admin,api-clock-get-timezone,api-lun-list-info,api-igroup-list-info,api-cifs-share-list-iter-start,api-useradmin-user-list,api-useradmin-group-list,api-registry-list-info,api-registry-get,api-nfs-status,api-iscsi-interface-list-info,api-iscsi-service-status,api-fcp-service-status,api-fcp-adapter-list-info,api-file-read-file,api-options-list-info,api-snmp-get,api-perf-object-counter-list-info,api-clock-get-clock,api-snapshot-list-info,api-system-cli,cli-uptime,api-cifs-share-list-iter-next,api-lun-initiator-list-map-info,api-lun-get-comment,api-lun-map-list-info,login-ssh,api-registry-set
Then i have created group with role (»smonitor«):
Useradmin group add skr-fas-monitor –r monitor
And finally i have created user (»ro-user«):
Useradmin user add ro-user –g monitor
The problem is that i can login normally with that user in CLI interface (putty). Login into System Manager is not working. I have both capatibilities for login: »login-http-admin« and »login-ssh«.
DataONTAP version is 8.1.2. In version DataONTAP 7.3.6 this is working OK.