Skip to main content
NetApp Stage KB

Is it possible to configure a user for ActiveIQ Unified Manager for Cluster Mode without using the Admin role?

Views:
Visibility:
Public
Votes:
0
Category:
active-iq-unified-manager
Specialty:
OM
Last Updated:

 

 

Applies to

  • ActiveIQ Unified Manager (AIQ UM)
  • OnCommand Unified Manager (OCUM)
  • ONTAP 9

Answer

Per the Adding Clusters section in the AIQ UM documentation, the follow account information is required:

  • ONTAP administrator user name and password
    This account must have the admin role with Application access set to ontapi, ssh, and http.

To clarify, the 'admin' account is not required, but the user that is specified does require the admin role for the specified applications.

If you tried to assign a read-only role to a user for monitoring, it would break the functionality of AIQ UM to execute anything on the cluster.
Examples are:

  • Data Protection
  • EMS Subscriptions
  • Registering UM with the cluster

Because limiting the scope of the Ontap account used in AIQ UM is known to break functionality between AIQ UM and the cluster, configuring a user with a role other than admin is not supported by NetApp Technical Support at this time.

If the functionality is not required, a custom read only user may be used after the cluster has been added to AIQ UM. Because AIQ UM registers itself in multiple places during the cluster add process, it is not possible to bypass this requirement until after the cluster has been added and the initial polling has been completed.

See KB ActiveIQ Unified Manager read-only account privileges for clustered Data ONTAP for more information on creating the read only user.

Additional Information

A Request For Enhancement (RFE) has been submitted to NetApp Engineering to provide an option to limit the required roles and privileges needed for AIQ UM to monitor the cluster. This request is tracked via Bug 1016366.

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.