Microsoft Virtualization Discussions

Microsoft Virtualization Discussions

NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

mpedigo_usda
‎2019-02-08 03:16 PM

Hello,

 

I'm new to this environment and trying to set up NetAppDocs 3.4 in an ONTAP 9.3P5 environment.  In order to authenticate in this environment I have a username which includes doman\io.firstname.lastname with a length of  22 characters.    My username in ONTAP is domain method with the admin role.  I have ssh, http, and ontapi enabled.  I can putty or system manager into the controllers with no issues.

 

My syntax is:

 

Get-NtapClusterData -Name hostname -credential domain\io.firstname.lastname -verbose | Format-NtapClusterData | Out-NtapDocument -WordFile ***.Docx' -ExcelFile ***.xlsx'

 

The error is:

 

VERBOSE: Initializing function: Get-NtapClusterData (netappdocs v3.4.0.547)
VERBOSE: Validating connectivity to system: hostname
VERBOSE: Using supplied credentials
VERBOSE: Trying HTTP/HTTPS
VERBOSE: Connected to hostname using HTTPS
VERBOSE: Skipping EMS logging
VERBOSE: Validating successful connection
VERBOSE: Validating user roles
Get-NtapClusterData : Unable to gather data from system. Reason: User account does not have the minimum access level
required. See the FAQ entry in the help files for more information.
At line:1 char:1
+ Get-NtapClusterData -Name hostname -credential domain\io.firstname.la ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ConnectionError: (hostname:String) [Get-NtapClusterData], Exception
+ FullyQualifiedErrorId : ConnectionFailed,Test-NtapStorageSystemConnection,Get-NtapClusterData

 

Any suggestions on how to resolve this issue?  Please let me know if you need more data.

 

Thanks!

 

Mike

 

Reply
4 Replies
0 Likes
4 REPLIES 4

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

Vidyanand
‎2019-02-12 09:17 PM

ontapi might be missing. use below command

 

 security login create -user-or-group-name <localusername> -application ontapi -authentication-method password -role admin

Reply
4 Replies
0 Likes

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

mpedigo_usda
‎2019-02-13 07:22 AM

As I stated in my original post.  My user account has ONTAPI application configured for admin role.   Thank you for your response!

Reply
4 Replies
0 Likes

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

mpedigo_usda
‎2019-02-13 07:51 AM

I tried to create a local account.  It required the console application in addition to ontapi and http, but it did work.  console is not an option for domain accounts.   The only difference between working and not working is a local account which includes console applicaiton and a domain account in the form domain\io.firstname.lastname.

 

Ideas?

Reply
4 Replies
0 Likes

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

cole
NetApp
‎2019-02-16 04:30 PM

Yep, the console role is required and as you mentioned, a domain account cannot be assigned the console role. The issue is that for some of the data I need to use the CLI command instead of an API and this requires the console role.

Reply
4 Replies
0 Likes
Start a Discussion
Forums
Learn about the Community Get Started
Still have Questions Start a Discussion
Rules of the Community Read More
© 2019 NetApp
Let us know