Monitoring changes to ONTAP users, groups and roles using Ops Manager

Any change to existing useradmin configuration on a storage system or vFiler could potentially cause a security hole (especially a misconfiguration), so it's essential to track all changes.

Operations Manager 3.6 allows managing users, groups and roles (i.e. useradmin) on a storage system and vFiler units (See Management > Host Users in Ops Manager UI).

Operations Manager discovers all users, groups and roles on a system or vFiler and provides the following events that can help in tracking changes:

Event Name                 Severity     Class
host-user-deleted          Information  host-user.deleted
host-user-discovered       Information  host-user.discovered
host-user-modified         Information  host-user.modified
host-usergroup-deleted     Information  host-usergroup.deleted
host-usergroup-discovered  Information  host-usergroup.discovered
host-usergroup-modified    Information  host-usergroup.modified
host-domainuser-modified   Information  host-domainuser.modified
host-role-deleted          Information  host-role.deleted
host-role-discovered       Information  host-role.discovered
host-role-modified         Information  host-role.modified

You can create an alarm to track any changes:

$ dfm alarm create -h host-domainuser-modified -E <mail-id>

$ dfm alarm create -h host-user-modified -E <mail-id>

$ dfm alarm create -h host-user-discovered -E <mail-id>

On detecting any change, Ops Manager generates an alarm that looks like this (actual change mentioned in parentheses):

An Information event at 21 Mar 15:33 IST on Active/Active Controller

Host User Modified.

Users Modified: snmpv3: (Usergroup Membership Added: g1).
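
An added example, not part of the original post or of Operations Manager: a small Python triage step for these alarm e-mails that extracts the change and decides whether a person should look at it. The field layout is inferred from the single sample alarm above, and `watched_groups` is a hypothetical parameter holding the groups you consider sensitive.

```python
import re

# Layout inferred from the one sample alarm in the post above (assumption).
HEADER = re.compile(r"An? (?P<severity>\w+) event at (?P<when>.+?) on (?P<source>.+)")
DETAIL = re.compile(
    r"(?P<kind>\w+) Modified: (?P<name>[^:]+): "
    r"\((?P<change>[^:]+): (?P<value>[^)]+)\)"
)

def parse_alarm(text):
    """Split an alarm body into header fields, event name and change detail."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    alarm = {"event": None, "detail": None, "unparsed": []}
    for ln in lines:
        head, detail = HEADER.fullmatch(ln), DETAIL.search(ln)
        if head:
            alarm.update(head.groupdict())
        elif detail:
            alarm["detail"] = detail.groupdict()
        elif alarm["event"] is None and ln.endswith("."):
            alarm["event"] = ln.rstrip(".")
        else:
            alarm["unparsed"].append(ln)  # keep unknown text for a human
    return alarm

def needs_review(alarm, watched_groups):
    """True when membership was added to a watched group, or when the change
    text did not match the known layout (fail closed: a human reads it)."""
    detail = alarm["detail"]
    if detail is None or alarm["unparsed"]:
        return True
    return (detail["change"] == "Usergroup Membership Added"
            and detail["value"] in watched_groups)

# Alarm text copied from the post above.
SAMPLE = """An Information event at 21 Mar 15:33 IST on Active/Active Controller

Host User Modified.

Users Modified: snmpv3: (Usergroup Membership Added: g1).
"""

if __name__ == "__main__":
    alarm = parse_alarm(SAMPLE)
    print(alarm["event"], alarm["detail"], needs_review(alarm, {"g1"}))
```

Change descriptions worded differently from the sample are not guessed at: they land in `unparsed` and force a review.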

Re: Asset Management and Storage Owners

We use the custom comment fields in OM: metadata about the project and the owner. All the other details are put on our wiki.

We would like to put more info and 'workflow', but this is today a little bit too difficult in OM: a request for storage for a project (initial need, grow rate, Tier of storage, how to backup, owner), approval for the request and an order to implement.

For me, this must be an add-on for provision manager, so that the last step can go automatically.

Re: Asset Management and Storage Owners

Most of the Operations Manager community I speak with use the custom comment fields to add additional data to their asset management reports. More flexibility is always welcome, but the ability to add these custom comments seems a heavily valued feature.

Re: Asset Management and Storage Owners

Oops! Looks like something weird happened.

I started a new thread for posting this, but had an edit session open for the older thread in another window. The two got mixed up.