Roles in the LDAP domain are similar by name to local user roles, but are defined in a mutually exclusive manner.
Each role is authorized to perform a separate set of commands that are related to its functionality, with basically no overlap. The only exception is Configure, which is constructed from FrontendConfigure and BackendConfigure and does not exist as a separate role in LDAP. This model allows better granularity when defining users.
Superuser: Not supported for LDAP users. Must be a local user.
Security: Can define administrators and control LDAP. The Security user is not part of the hierarchical model and has a set of commands that only a Security (or Superuser) user can perform.
Administrator: Can define Configure and Monitor users.
FrontendConfigure: Can perform any frontend-related configurations that include volume manipulations (adding, deleting, and mapping volumes and snapshots) and SDC operations (adding and deleting SDCs).
BackendConfigure: Can perform upgrades and any backend-related configurations. Operations include:
Protection Domain and Storage Pool operations
Manipulating Fault Sets and SDS
Configuring SDS devices
Configuring replication
Monitor: Can only perform monitoring operations that do not affect the system.
In order to run NDU, the LDAP user must be assigned at a minimum both the Monitor and BackendConfigure user roles.
NOTE:You must assign the BackendConfigure role to the users who need to update the system license.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\