Skip to main content

Coming soon...New Support-Specific categorization of Knowledge Articles in the NetApp Knowledge Base site to improve navigation, searchability and your self-service journey.

NetApp Knowledge Base

What are the required capabilities for SnapDrive in ONTAP 7-Mode?

Last Updated:

Applies to

  • SnapDrive for Windows (SDW)
  • SnapDrive for Unix (SDU)
  • Data ONTAP 7.x and earlier
  • Data ONTAP 8.0 to 8.2.x 7-MODE


In certain environments, it is not deemed acceptable to add the SnapDrive service account to the local administrators group on the storage controllers.

Complete the following steps to create a storage controller group with the appropriate capabilities for a SnapDrive service account:

  1. Create a new role (such as 'sdrole') with the appropriate capabilities on the storage controller:
    useradmin role add sdrole -a login-http-admin,api-lun-*,api-snapshot-*,api-iscsi-*,api-volume-*,api-snapmirror-*,

  2. Create a new local storage controller group (such as 'sdadmin'): useradmin group add sdadmin
  3. Assign the new role to the newly created group: useradmin group modify sdadmin -r sdrole
  4. With SDW with RPC usage:

    • create the SnapDrive Service Account (such as 'snapdrive') in an Active Directory Domain.

    • then add the 'snapdrive' AD user to the 'sdadmin' group: useradmin domainuser add <DOMAIN>\snapdrive -g sdadmin

    • add the 'snapdrive' user to the Windows host local Administrators group (Note: the SDU daemon runs with root already).

    • install or modify SnapDrive to use the 'snapdrive' service account with its services.

  5. With SDU or SDW with http(s) usage:

    • add the local 'snapdrive' user to ONTAP: useradmin user add snapdrive -g sdadmin

  6. Test SnapDrive (example, create/delete snapshot, connect and disconnect snapshot, create/delete a LUN, resize a LUN).

If there are other NetApp applications running on the server (such as SnapManager for Exchange/SQL), test those applications as well.

Additional Information

For Data ONTAP 8 C-Mode and ONTAP 9 see "How to limit the privileges for SnapDrive with a role for an SVM account"


Scan to view the article on your device