RBAC with VSC 6.2.1 and ONTAP 9.0

Hi everybody,

I have created a role and user for VSC on ONTAP 9.0 cluster via RBAC user creator. The user has only discovery permissions, because it is not used for backup, restore or cloning operations.

The role has the following capabilities:

security login role show -role vsc_role

Role Command/ Access

Vserver Name Directory Query Level

---------- ------------- --------- ----------------------------------- --------

vmware vsc_role DEFAULT none

lun create readonly

lun geometry readonly

lun igroup create readonly

lun igroup modify readonly

lun igroup show readonly

lun mapping create readonly

lun mapping delete readonly

lun mapping show readonly

lun modify readonly

lun show readonly

network interface readonly

security login role show-user-capability all

set all

snapmirror create all

snapmirror list-destinations readonly

snapmirror show all

version readonly

volume create readonly

volume efficiency modify all

volume efficiency show all

volume efficiency stat all

volume modify readonly

volume qtree create readonly

volume qtree show readonly

volume quota report readonly

volume show readonly

vserver readonly

vserver export-policy create readonly

vserver export-policy delete readonly

vserver export-policy rule create readonly

vserver export-policy rule delete readonly

vserver export-policy rule modify readonly

vserver export-policy rule show readonly

vserver export-policy show readonly

vserver fcp create readonly

vserver fcp delete readonly

vserver fcp initiator show readonly

vserver fcp interface show readonly

vserver fcp modify readonly

vserver fcp show readonly

vserver iscsi create readonly

vserver iscsi delete readonly

vserver iscsi modify readonly

vserver iscsi show readonly

vserver nfs create readonly

vserver nfs delete readonly

vserver nfs modify readonly

vserver nfs show readonly

VSC 6.2.1 reports the status "Insufficient previleges" with error message "One or more required RBAC capabilities not specified for this user".

The VSC logfile logs messages like "API failed. Insufficient privileges: user 'netapp_vsc' does not have write access to this resource (errno=13003) (called from com.netapp.exoforce.server.zapi.ControllerUtilCMode.getDedupeSizeShared(...) on line 629)".

My thought was, that the resource "getDedupeSizeShared" should be in "volume efficiency show" but it seems to be not.

So my question is: Which capability contains the resource "getDedupeSizeShared" and has to be added/modified?

Thanks,
Tino

RBAC with VSC 6.2.1 and ONTAP 9.0

Trending Articles

SnapTube - YouTube Downloader HD Video Final v4.48.0.4482310 [Mod]

Black Angus Grilled Artichokes

Who died from the T.V. Show pawn stars ?? #pawnstars

Practice Sheet of Right form of verbs for HSC Students

Kundi Mat Khadkao Raja Lyrics Translation | Gabbar is Back

Mp3 Download: Mmatema Moremi - Ke Lerato

Office 365: Auto-Expanding Archives FAQ

Karimnagar District Police Office Mobile Numbers List in Telangana State

Field Hockey Tactics and Strategies Set

Inception 2010 Hindi Dual Audio 650MB BRRip 720p ESubs HEVC

High police presence reported in Broadfield including helicopter

Police helicopter searches for Crawley suspect who made off from...

Who Is Sisanda Jonas? | Biography| Profile| History Of South African Media...

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

LINKIN PARK – From Zero [iTunes Plus M4A]

Yesenia Carballido Arrested by Miami-Dade County Corrections on Jan 03, 2020

[ GET ] Zach Crawford - AI Cash Machines 2.0 - System That Puts $1,000 + In...

NCERT Solutions for Class 9th Sanskrit Chapter 3 पाथेयम्

CSC GUIDELINES IN PHILIPPINE PASSPORT SIZE ID PHOTO AS DEPED REQUIREMENT

Daru and Sharab Status for Sharabi Friends in Hindi, Punjabi