Data Backup and Recovery

SnapCenter Custom Account - ONTAP

davieb1969
4,253 Views

I have a customer who wants to use a custom account in ONTAP for Snapcenter. They have created a role with the following permissions on the cluster vserver but get the error "Error: Failed to connect to storage system, value cannot be null. Parameter name: source. Is something missing?

 

Thanks


DEFAULT none
event generate-autosupport-log all
job history show all
job stop all
lun all
lun create all
lun delete all
lun igroup add all
lun igroup create all
lun igroup delete all
lun igroup modify all
lun igroup rename all
lun igroup show all
lun mapping add-reporting-nodes all
lun mapping create all
lun mapping delete all
lun mapping remove-reporting-nodes all
lun mapping show all
lun modify all
lun move-in-volume all
lun offline all
lun online all
lun persistent-reservation clear all
lun resize all
lun serial all
lun show all
network interface readonly
network interface create readonly
network interface delete readonly
network interface modify readonly
network interface show readonly
snapmirror create all
snapmirror policy add-rule all
snapmirror policy create all
snapmirror policy delete all
snapmirror policy modify all
snapmirror policy modify-rule all
snapmirror policy remove-rule all
snapmirror policy show all
snapmirror restore all
snapmirror show all
snapmirror show-history all
snapmirror update all
snapmirror update-ls-set all
version all
volume clone create all
volume clone show all
volume clone split start all
volume clone split stop all
volume create all
volume destroy all
volume file clone create all
volume file show-disk-usage all
volume modify all
volume offline all
volume online all
volume qtree create all
volume qtree delete all
volume qtree modify all
volume qtree show all
volume restrict all
volume show all
volume snapshot create all
volume snapshot delete all
volume snapshot modify all
volume snapshot promote all
volume snapshot rename all
volume snapshot restore all
volume snapshot restore-file all
volume snapshot show all
volume unmount all
vserver readonly
vserver cifs all
vserver cifs create all
vserver cifs delete all
vserver cifs modify all
vserver cifs shadowcopy show all
vserver cifs share create all
vserver cifs share delete all
vserver cifs share modify all
vserver cifs share show all
vserver cifs show all
vserver create all
vserver export-policy all
vserver export-policy create all
vserver export-policy delete all
vserver export-policy rule create all
vserver export-policy rule delete all
vserver export-policy rule modify all
vserver export-policy rule show all
vserver export-policy show all
vserver iscsi all
vserver iscsi connection show all
vserver modify all
vserver show all

5 REPLIES 5

Ontapforrum
4,223 Views

Just trying to understand your scenario.

 

Looking at this error: Failed to connect to storage. Are you trying to add 'storage' from SnapCenter ?

 

So,
1) You have SnapCenter plug-in (for vmware or whatever) installed
2) You have a AD user or group created ? You log into SC and then add a user/group with SnapCenter defined roles ? Settings | Roles | Add..
Depending upon the 'Role', set of permissions are assigned (ex-create storage connection, resource group, clone, provision etc).

 

For example: In Active Directory, a group is created 'sc_managers', users are added to this group. Then, once you logged in to SC as 'admin', you go to settings, roles, and  create a role/permission and assign a 'group' created in AD or chose from existing role that best defines what permissions you want to give. Then the users of that group with the defined 'role' will be able to carry out tasks that the role permits.

 

I don't know if I am following you?

https://docs.netapp.com/ocsc-41/index.jsp?topic=%2Fcom.netapp.doc.ocsc-ag%2Fhome.html

davieb1969
4,205 Views

Hi, So the customer doesnt want to use the cluster admin account. Following the guide for minimum persmissions required for SnapCenter, the customer has created an ontap role and user account. In SnapCenter he has changed the login to the cluster to the custom account created; resulting in that error. It would appear all permissions are correct.

mrahul
4,173 Views

If I understand it correctly, the customer is registering Cluster (using custom user account) and not explicitly registering the individual SVMs. Modifying the cluster credentials from admin user to custom user account in SC UI is resulting in the error as reported.

There shouldn't be an issue using custom accounts with SnapCenter. The error "Failed to connect to the storage system" is usually given at times when SC is not able to reach the storage system specified. It can be even HTTPs timeout also.

 

If the network side seems to be fine, I would suggest the customer open a support ticket so that the concerned team can take a look at the logs for proper triage.

mrahul
4,218 Views

A list of minimum required ONTAP privileges is included in the SnapCenter Server installation guide. Request you to please cross-check the permissions against the document.

 

SnapCenter 4.3 Documentation Center link is 

https://docs.netapp.com/ocsc-43/index.jsp?topic=%2Fcom.netapp.doc.ocsc-isg%2FGUID-27F02419-2BD4-48E5-8EC2-30ABF58FB328.html&resultof=%22%4f%4e%54%41%5...

 

 

davieb1969
4,204 Views

hi, yes, the guide was used to create the role

Public