A user with a custom role cannot rename Qtrees if they are restricted to two volumes
Applies to
- ONTAP 9
- Role-Based Access Control (RBAC)
- Qtree
Issue
- A user with a custom role cannot rename Qtrees if they are restricted to two volumes:
cluster1::> security login role show -vserver svm1 -role QtreeTest*
Role Command/ Access
Vserver Name Directory Query Level
---------- ------------- --------- ----------------------------------- --------
svm1 QtreeTestTwoVols DEFAULT none
volume qtree -volume vol1,vol2 all
QtreeTestAllVols DEFAULT none
volume qtree all
QtreeTestSingleVol DEFAULT none
volume qtree -volume vol1 all
6 entries were displayed.
- Trying to rename a Qtree as the user gives an error:
cluster1::> qtree rename -volume vol1 -newname qtree1
Error: command failed: not authorized for that command
- Deleting and creating Qtrees works
- Restricting the role for one volume or for all volumes works
- The Query is limited to a maximum of two entries