Open a SSH session to Netapp CDOT system in question and paste in the following commands: Create a Role
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "antivirus " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "antivirus on-access " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "antivirus on-demand " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "antivirus remedy " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "antivirus update " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "dashboard health vserver " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "df " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "event generate-autosupport-log " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "job " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "job schedule " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "job schedule cron " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "job schedule interval " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "lun " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network connections " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network connections active show-clients " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network connections active show-protocols" -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network connections active show-services " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network interface " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network interface failover-groups " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "network routing-groups " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security certificate " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security certificate file show " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security login password " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security login publickey " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security login role show-ontapi " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security login role show-user-capability " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "security ssl " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "set " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "snapmirror " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics catalog " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics samples delete " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics samples show " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics show " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics show-periodic " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics start " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "statistics stop " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "timezone " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "version " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "volume " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "volume copy " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "volume efficiency " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "volume move " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver " -access readonly
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver audit " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver cifs " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver data-policy " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver export-policy " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver fcp " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver fpolicy " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver iscsi " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver locks " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver name-mapping " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver nfs " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver security file-directory " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver security trace filter " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver security trace trace-result " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver services " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver services kerberos-realm " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver services ndmp " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver services web " -access none
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver smtape " -access all
security login role create -vserver <vSERVERNAME> -role <ROLENAME> "vserver smtape break " -access all
Create a User Account and Assign a Role to a User
security login create -vserver <vSERVERNAME> -username <USERNAME> -application ssh -authmethod password -role <ROLENAME>
security login create -vserver <vSERVERNAME> -username <USERNAME> -application ontapi -authmethod password -role <ROLENAME>
Delete a User and a Role
security login delete -vserver <vSERVERNAME> -username <USERNAME> -application *
security login role delete -vserver <vSERVERNAME> -role <ROLENAME> -cmddirname *
|