Microsoft Virtualization Discussions

NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

Hello,

 

I'm new to this environment and trying to set up NetAppDocs 3.4 in an ONTAP 9.3P5 environment.  In order to authenticate in this environment I have a username which includes doman\io.firstname.lastname with a length of  22 characters.    My username in ONTAP is domain method with the admin role.  I have ssh, http, and ontapi enabled.  I can putty or system manager into the controllers with no issues.

 

My syntax is:

 

Get-NtapClusterData -Name hostname -credential domain\io.firstname.lastname -verbose | Format-NtapClusterData | Out-NtapDocument -WordFile ***.Docx' -ExcelFile ***.xlsx'

 

The error is:

 

VERBOSE: Initializing function: Get-NtapClusterData (netappdocs v3.4.0.547)
VERBOSE: Validating connectivity to system: hostname
VERBOSE: Using supplied credentials
VERBOSE: Trying HTTP/HTTPS
VERBOSE: Connected to hostname using HTTPS
VERBOSE: Skipping EMS logging
VERBOSE: Validating successful connection
VERBOSE: Validating user roles
Get-NtapClusterData : Unable to gather data from system. Reason: User account does not have the minimum access level
required. See the FAQ entry in the help files for more information.
At line:1 char:1
+ Get-NtapClusterData -Name hostname -credential domain\io.firstname.la ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ConnectionError: (hostname:String) [Get-NtapClusterData], Exception
+ FullyQualifiedErrorId : ConnectionFailed,Test-NtapStorageSystemConnection,Get-NtapClusterData

 

Any suggestions on how to resolve this issue?  Please let me know if you need more data.

 

Thanks!

 

Mike

 

4 REPLIES 4

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

ontapi might be missing. use below command

 

 security login create -user-or-group-name <localusername> -application ontapi -authentication-method password -role admin

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

As I stated in my original post.  My user account has ONTAPI application configured for admin role.   Thank you for your response!

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

I tried to create a local account.  It required the console application in addition to ontapi and http, but it did work.  console is not an option for domain accounts.   The only difference between working and not working is a local account which includes console applicaiton and a domain account in the form domain\io.firstname.lastname.

 

Ideas?

Re: NetAppDocs not able to authenticate due to insufficient role error: user account has admin role

Yep, the console role is required and as you mentioned, a domain account cannot be assigned the console role. The issue is that for some of the data I need to use the CLI command instead of an API and this requires the console role.

Forums