Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

Active IQ Unified Manager read-only account privileges for ONTAP

Last Updated:

Applies to

  • Active IQ Unified Manager 9.x+ ( AIQUM )
  • OnCommand Unified Manager 7.2+ ( OCUM )
  • OnCommand Unified Manager 6.x ( OCUM )


This article describes how to create a role in ONTAP with minimum permission and access as necessarily required by a local user account, which will be used by Unified Manager.

More about this article:

  • This is living breathing article, which means if we created a read-only (minimum permission) role in ONTAP following this article and still run into an issue then hopefully the same article will help you update the role with the missing/required APIs.

  • The article includes the different ontapi as part of the attach files that will help you create a local user account with minimum permissions.

  • The article includes minimum ontapi commands that was tested in 8.3.2, 9.1 through 9.6.
  • You must add/remove the cluster with admin privileges, when adding, once the poll is completed you can change to the readonly user created.
Scan to view the article on your device