vserver show api missing from ontap?

Welcome!

An account will enable you to access:
- NetApp support's essential features
- NetApp communities
- NetApp trainings
- Sign in to my account
- Don't have an account?
  Create an account
Learn
Browse

Active IQ Unified Manager Discussions

1,702 Views

Hello everyone,

I ran into an issue where I created a specific role for a customer of mine. the customer connects directly to an svm using perl api implementation. one of the commands he runs is "vserver show" which translates to "vserver-get" or "vserver-get-iter" and I can see that by using "security login role show-ontapi -command "vserver show" even from the svm contetxt.

The problem starts when I as the cluster admin try to add to the role the command "security login role create -role customer_role -vserver customer_vs -cmddirname "vserver show"-access all" and I get the error "command failed: invalid operation"

does anyone have a clue why this happens? is there a way to fix it?

I was to somehow workaround this by adding all the "vserver" cmddirname with readonly access but it allows him to view many more flags under the vserver command that I would like to hide.

anyone with a solution?

Thanks in advance

Forgot to mention - talking about ontap 9.3 and also tested on ontap select 9.4 with the same error on all of them