Shutdown Script with RBAC
2015-12-09 04:53 AM
I'm trying to do an automated shutdown using powershell toolkit, involving Invoke-NCSsh (Clustered DataONTAP)
Problem is, as long as the user (in the script) has the role set DEFAULT = ALL this script works.
connect first controller
system node halt -node Cluster-01 -inhibit-takeover true -skip-lif-migration-before-shutdown true
connect second controller
system node halt -node Cluster-02 -inhibit-takeover true -skip-lif-migration-before-shutdown true
prompts "Error not authorized for that command"
As soon as I change the role of the user to DEFAULT=read-only and grant only access to "system" = all, this script won't work.
A normal SSH session via putty and the same user lets me halt the controllers manually.
Am I missing something in the RBAC rights management?