I am having issues moving a Python tool I wrote using the Netapp Manageability SDK from the default admin user 'root' to a new user with only specifc Capabilities enabled. As the 'root" user the tool works fine. But any time I change the connection to another user I get the following error:
HTTPPool03:warning]: HTTP XML Authentication failed from xxx.xxx.xxx.xxx
and the API call returns
Per the KB articles and other posts I have read I have all of the following options on the filer:
httpd.access legacy httpd.admin.access legacy httpd.admin.enable on httpd.admin.hostsequiv.enable off httpd.admin.ssl.enable on
and I added the login-http-admin capability to the role I created for this tool. The role also contains a list of the api-* capabilities that are required for the tool.
here is how I created the user
useradmin role add tool_role -a login-http-admin,api-volume-list-info,etc....
useradmin group add tool_client_group -r tool_role
useradmin user add user1 -g tool_client_group
I have tried to reset the password a few times.. Even if I set the role Capabilities to login-*,api-* I get the same error so I do not believe its related to Capabilties but then again I feel like I am missing something very simple either in options. or the RBAC to make this work as a less priveledged user.
Prior to your modifications, were you able to get a response after posting xml? If so are you posting to the servlets/netapp.servlets.admin.XMLrequest_file? Haven't been able to find anything specific to the servlets and was curious. Should there be a servlets directory after installing OnTap?
Not sure which modifications you are refering to? Before I set the options correctly on the filer the SDK was not able to connect at all, but once I had those correct any API call I made worked fine with the "root" user. I did not intially attempt with any other user until I had spent some time learning how to use the SDK.
I dont see any reference to a servlet directory in the docs or in the filers root volume? Can you clarify what you mean?
I am trying to connect to a filer and get back storage information like volume, xtree, aggregate, etc. In order to do so, I am posting xml via http and the url provided is structure like this (/servlets/netapp.servlets.admin.XMLrequest_filer) according to the docs. Are you posting xml at all? How do you set options on the filer, perhaps there is something there I am missing.