I created a new role that should only have snapshot permissions to volumes ending with _stg:
security login role create -role stg-admin -vserver dc -cmddirname "volume" -access readonly
security login role create -role stg-admin -vserver dc -cmddirname "vserver" -access readonly
security login role create -role stg-admin -vserver dc -cmddirname "network interface" -access readonly
security login role create -role stg-admin -vserver dc -cmddirname "volume snapshot" -query "-volume *_stg" -access all
A new user with that role is not able to delete a random snapshot for vol1, but is able to delete snapshots from vol2_stg. So permissions are working properly. The problem is I'm getting "Remove-NcSnapshot : [403]: not authorized for that command" on both examples, even when it does successfully delete the vol2_stg vol snapshot. Am I missing a permission it's expecting even though it is successfully deleting them? Or is this a bug in the NetApp.ONTAP module?