Hi,
I'm trying to create an user with the following role permission:
netappcdot823::> security login role show -vserver netappcdot823 -role operators
VServer Role Name Command/Directory Query Access Level
------------------------------------------------------------
netappcdot823 operators DEFAULT none
netappcdot823 operators system node halt all
The objective is to create an user with the halt capability only, and no more permissions if possible.
When I login with that user and issue a "system node halt" command, it seems there is a lack of other permissions.
netappcdot823::> system node halt
Warning: Are you sure you want to halt node "netappcdot823-01"? {y|n}: y
Error: not authorized for that command
Note: I'm doing this on Ontap Simulator 8.2.3 CDOT.
Changing the "DEFAULT" access level to "all" works, but this is not desired because all other commands are also allowed (acts like an admin user).
Any idea?
Thanks!