Data Backup and Recovery

RunAs user with Snapcenter 4.0

sbennett1298
2,227 Views

I am having problems with RunAs credentials in Snapcenter 4.0.

I cannot add Linux RunAs credentials from the VSphere pluggin in Vcenter. The Credential type is set to Windows and cannot be changed.

I am able to add the Linux credential on the SnapCenter server but when I add it there it does not show up in Vcenter. The Windows RunAs credentials I add on the SnapCenter server do show up in Vcenter.

 

-sbennett1298

 

1 REPLY 1

Spaceball
2,130 Views

Hi,
I'm not sure if I understand Your Problem but let me give it a try.

It cost me some time as well to get "Run as" working as it should.

 

The "Run as" User configured in SnapCenter (settings->Run As Credentials) is an ordinary System-User at  Host side, granted by some root or administrator

privileges -also at the host side.

 

So as an example, I`m snapping hana databases on linux hosts and so I need a user on the hana-host side who is able to do a ssh login and need some additional

sodo privileges.

 

My Unix-Admin added a function-user named "fcsnap" on the HANA_HOST1.

fcsnap is allowed login to the hana host by ssh and password (not passphrase) and to do some sodo-commands, declared inside the /etc/sodoers.d/fcsnap configuration file:

###############

cmnd_Alias NETAPP_SCCMD = /tmp/sc-plugin-installer/snapcenter_linux_host_plugin.bin *, \
                                                     /opt/NetApp/snapcenter/spl/installation/plugins/uninstall, \
                                                    /opt/NetApp/snapcenter/spl/bin/spl
Cmnd_Alias NETAPP_PRECHECKCMD = /tmp/netapp/Linux_Prechecks.sh
fcsnap ALL=(ALL) NOPASSWD:SETENV: NETAPP_SCCMD, NETAPP_PRECHECKCMD

Defaults:fcsnap !visiblepw
Defaults:fcsnap !requiretty

###############

 

 

so at snapcenter runas config, the "run as name" is "HANA_HOST1_fcsnap"

where the "username" is "fcsnap",

the password is the "password" given by my uni-admin

and "Authentication" is "Linux"

 

If You have a Windows host, it should be very semiar (I have no experience in Windows User privilege management) 

 

Let me know if this helps You a bit or if I totaly misunderstood Your Problem.

Public