ONTAP Discussions

Any roles which is equivalent to Windows or ONTAP 7.* "Backup Operator", on Netapp ONTAP 8.1.*?

SMEGHANI2009
3,404 Views

Hi everybody,

I have been working on application which is basically scans folders and gets NTFS permissions. But there is a case that User, that application running with, might not have permission on certain folder then my application does not get permission from that folder but if that user is member of "Backup Operator"(local group) then it can get permission for all folders even though there is explicitly deny permission. I can see "Backup Operator" roles/groups on ONTAP 7.* but there is not "Backup operator" roles on ONTAP 8.1.*.

Anyone know??

1 ACCEPTED SOLUTION

snagesh
3,404 Views

Hi Sanjay

     There are two ways to accomplish this

1. Scanning through ONTAPIs

Similar role to 7 mode backup operators is available in Cluster Mode also. You may try it. we have not tested it. The usage is as shown below if your crawler is using ontapi(ZAPIs).

testvs::vserver fpolicy*> security login create -username r3\administrator -application ontapi -authmethod domain -role vsadmin-backup -vserver sncifs

testvs::vserver fpolicy*> security login show -vserver sncifs -username r3\administrator

Vserver: sncifs

Authentication Acct

UserName Application Method         Role Name        Locked

---------------- ----------- -------------- ---------------- ------

r3\administrator ontapi domain vsadmin-backup   -

2. Scanning over CIFS

You need to use FPolicy privileged access method.

View solution in original post

1 REPLY 1

snagesh
3,405 Views

Hi Sanjay

     There are two ways to accomplish this

1. Scanning through ONTAPIs

Similar role to 7 mode backup operators is available in Cluster Mode also. You may try it. we have not tested it. The usage is as shown below if your crawler is using ontapi(ZAPIs).

testvs::vserver fpolicy*> security login create -username r3\administrator -application ontapi -authmethod domain -role vsadmin-backup -vserver sncifs

testvs::vserver fpolicy*> security login show -vserver sncifs -username r3\administrator

Vserver: sncifs

Authentication Acct

UserName Application Method         Role Name        Locked

---------------- ----------- -------------- ---------------- ------

r3\administrator ontapi domain vsadmin-backup   -

2. Scanning over CIFS

You need to use FPolicy privileged access method.

Public