Solved: cannot create rest role access system manager

chinchillaking · ‎2022-05-20

Hi All,

We try create 9.10.1 RBAC access OnTap System Manage for operation as below.

- domain user with operation_team role as below cannot login System manager

- when domain user change to default readonly role, login System Manage no problem

- the operation_team missing /api/security compare with default readonly role, we try add /api/security but failed and display "Error: command failed: failed to set field "cmddirname" to "anti-ransomware volume""

- volume did not setup anti-ransomware

I cannot found solution in google or mysupport.netapp.com

chinchillaking · ‎2022-05-20

Hi TMACMD,

Thanks for your reply. But the role cannot add

But I found it was not /api/security compare with default readonly role issue, it was web services access issue, after add security and sysmgr in web access, login successful

View solution in original post

TMACMD · ‎2022-05-20

Try looking at the role first. Note this is the role and not the rest-role. They play together

security login role show -vserver cmode9101 -role operation_team

you may need to add a role

security login role add -vserver cmode9101 -role operation_team -cmddir “anti-ransomware volume” -access readonly

of course set the access as needed. Then try adding your rest-role again

chinchillaking · ‎2022-05-20

Hi TMACMD,

Thanks for your reply. But the role cannot add

But I found it was not /api/security compare with default readonly role issue, it was web services access issue, after add security and sysmgr in web access, login successful

cannot create rest role access system manager

Get ready to power on