Microsoft Virtualization Discussions

Microsoft Virtualization Discussions

Highlighted

NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

mpedigo_usda
‎2019-02-08 03:16 PM

Hello,

 

I'm new to this environment and trying to set up NetAppDocs 3.4 in an ONTAP 9.3P5 environment.  In order to authenticate in this environment I have a username which includes doman\io.firstname.lastname with a length of  22 characters.    My username in ONTAP is domain method with the admin role.  I have ssh, http, and ontapi enabled.  I can putty or system manager into the controllers with no issues.

 

My syntax is:

 

Get-NtapClusterData -Name hostname -credential domain\io.firstname.lastname -verbose | Format-NtapClusterData | Out-NtapDocument -WordFile ***.Docx' -ExcelFile ***.xlsx'

 

The error is:

 

VERBOSE: Initializing function: Get-NtapClusterData (netappdocs v3.4.0.547)
VERBOSE: Validating connectivity to system: hostname
VERBOSE: Using supplied credentials
VERBOSE: Trying HTTP/HTTPS
VERBOSE: Connected to hostname using HTTPS
VERBOSE: Skipping EMS logging
VERBOSE: Validating successful connection
VERBOSE: Validating user roles
Get-NtapClusterData : Unable to gather data from system. Reason: User account does not have the minimum access level
required. See the FAQ entry in the help files for more information.
At line:1 char:1
+ Get-NtapClusterData -Name hostname -credential domain\io.firstname.la ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ConnectionError: (hostname:String) [Get-NtapClusterData], Exception
+ FullyQualifiedErrorId : ConnectionFailed,Test-NtapStorageSystemConnection,Get-NtapClusterData

 

Any suggestions on how to resolve this issue?  Please let me know if you need more data.

 

Thanks!

 

Mike

 

Reply
4 Replies
0 Likes
4 REPLIES 4
Highlighted

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

Vidyanand
‎2019-02-12 09:17 PM

ontapi might be missing. use below command

 

 security login create -user-or-group-name <localusername> -application ontapi -authentication-method password -role admin

Reply
4 Replies
0 Likes
Highlighted

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

mpedigo_usda
‎2019-02-13 07:22 AM

As I stated in my original post.  My user account has ONTAPI application configured for admin role.   Thank you for your response!

Reply
4 Replies
0 Likes
Highlighted

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

mpedigo_usda
‎2019-02-13 07:51 AM

I tried to create a local account.  It required the console application in addition to ontapi and http, but it did work.  console is not an option for domain accounts.   The only difference between working and not working is a local account which includes console applicaiton and a domain account in the form domain\io.firstname.lastname.

 

Ideas?

Reply
4 Replies
0 Likes
Highlighted

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

cole
NetApp
‎2019-02-16 04:30 PM

Yep, the console role is required and as you mentioned, a domain account cannot be assigned the console role. The issue is that for some of the data I need to use the CLI command instead of an API and this requires the console role.

View solution in original post

Reply
4 Replies
Ask A Question
Try the NEW Knowledgebase!
NetApp KB Site
Forums
Learn about the Community Get Started
Still have Questions Start a Discussion
Rules of the Community Read More
© 2020 NetApp
Let us know