You are correct, the Set-NaVfilerPassword cmdlet should set the password for the vfiler root user. I have a few questions:
- What version of Data ONTAP are you using?
- Are you creating the vfiler using the New-NaVfiler cmdlet? If not, how are you creating the vfiler?
- Are you using any other Set-NaVfiler* cmdlets in your process? If so, which ones?
***Edit (with a little more information)***
This is a known issue with ONTAP where the API that Set-NaVfilerPassword uses does not update the password if the root user already exists. There is no short-term resolution plan. You can workaround this by connecting directly to the vfiler and using Set-NaUserPassword.
Thank you for the sample script. With that, I was able to reproduce the behavior you are describing. The Set-NaVfilerPassword cmdlet makes use of the vfiler-setup API, which allows us to set up several properties of the vfiler (Set-NaVfilerAddress, Set-NaVfilerAdminHost, Set-NaVfilerDns, and Set-NaVfilerNis also make use of vfiler-setup). In order for the vfiler-setup API to create the root account, the IP bindings must be passed along in the same API call. This is not currently how the Set-NaVfilerPassword cmdlet works, so the root account is not created.
The good news is, the forthcoming toolkit 1.4 includes a cmdlet Invoke-NaSystemApi which allows you to send raw API requests to Data ONTAP. I've copied a sample script below that I have used to successfully create a vfiler with a root account.
Hi, Sjalla. We weren't aware that ONTAP's vfiler-setup API had this bug you identified, so thanks for pointing it out. Steven's suggestion should work with Toolkit 1.4, due "soon". You might also try his suggestion of connecting directly to the vfiler and issuing Set-NaUserPassword. I've also captured an enhancement request to add a vfiler setup cmdlet to a future release that would let you more fully configure a vfiler in one call.