Software Development Kit (SDK) and API Discussions

What is the "cmddirname" for ONTAPI "fpolicy-server-connect" in-order to create security login role?

Anshul
1,543 Views

What is the "cmddirname" for ONTAPI "fpolicy-server-connect" in-order to create security login role?

****::*> security login role create -role myrole -cmddirname "vserver fpolicy server" -access all

Error: command failed: failed to set field "cmddirname" to "vserver fpolicy server"

We are using "fpolicy-server-connect" in our code and hence want to create a user with minimum privilege's to run this ONTAPI i.e. "fpolicy-server-connect".
Please help us to find minimum privilege user role to run this ONTAPI.

1 REPLY 1

Ontapforrum
1,522 Views

I used these commands in 2017, don't know how relevant they are now. But, following should suffice to give user API access.

security login role create –role vrnsrole –cmddirname “vserver fpolicy” –vserver SVM_NFS
security login role create –role vrnsrole -cmddirname “volume” –vserver SVM_NFS –access all
security login role create –role vrnsrole –cmddirname “vserver” – vserver SVM_NFS –access all
security login role create -role vrnsrole -cmddirname "version" – vserver SVM_NFS -access all

 

To grant ONTAPI access for the NetApp cluster for an Active Directory user, run the following command on the cluster console:
security login create –vserver <vservername> -username <domain\username> -application ontapi -authmethod domain -role <rolename>

Public