ONTAP Discussions

cannot create rest role access system manager

chinchillaking
636 Views

Hi All,

 

We try create 9.10.1 RBAC access OnTap System Manage for operation as below.

- domain user with operation_team role as below cannot login System manager

chinchillaking_0-1653038049857.png

 

- when domain user change to default readonly role, login System Manage no problem

chinchillaking_1-1653038096689.png

 

- the operation_team missing /api/security compare with default readonly role, we try add /api/security but failed and display "Error: command failed: failed to set field "cmddirname" to "anti-ransomware volume""

chinchillaking_2-1653038139032.png

 

- volume did not setup anti-ransomware

chinchillaking_3-1653038180404.png

 

I cannot found solution in google or mysupport.netapp.com

 

 

 

1 ACCEPTED SOLUTION

chinchillaking
564 Views

Hi TMACMD,

 

Thanks for your reply. But the role cannot add

chinchillaking_0-1653101860704.png

 

chinchillaking_1-1653101891379.png

 

 

But I found it was not /api/security compare with default readonly role issue, it was web services access issue, after add security and sysmgr in web access, login successful

chinchillaking_2-1653102082017.png

 

View solution in original post

2 REPLIES 2

TMACMD
604 Views

Try looking at the role first. Note this is the role and not the rest-role. They play together

 

 security login role show -vserver cmode9101 -role operation_team

 

 you may need to add a role

 

 security login role add -vserver cmode9101 -role operation_team -cmddir “anti-ransomware volume” -access readonly

 

 of course set the access as needed. Then try adding your rest-role again

 

chinchillaking
565 Views

Hi TMACMD,

 

Thanks for your reply. But the role cannot add

chinchillaking_0-1653101860704.png

 

chinchillaking_1-1653101891379.png

 

 

But I found it was not /api/security compare with default readonly role issue, it was web services access issue, after add security and sysmgr in web access, login successful

chinchillaking_2-1653102082017.png

 

Public