A user with a custom role cannot rename Qtrees if they are restricted to two volumes

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 150

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: core

Last Updated:

Applies to

ONTAP 9
Role-Based Access Control (RBAC)
Qtree

Issue

A user with a custom role cannot rename Qtrees if they are restricted to two volumes:

cluster1::> security login role show -vserver svm1 -role QtreeTest*

                Role             Command/                                      Access
Vserver         Name             Directory                               Query Level
----------    -------------     ---------  ----------------------------------- --------
svm1          QtreeTestTwoVols   DEFAULT                                       none
                                 volume qtree               -volume vol1,vol2  all
              QtreeTestAllVols   DEFAULT                                       none
                                 volume qtree                                  all
              QtreeTestSingleVol DEFAULT                                       none
                                 volume qtree                    -volume vol1  all
6 entries were displayed.

Trying to rename a Qtree as the user gives an error:

cluster1::> qtree rename -volume vol1 -newname qtree1

Error: command failed: not authorized for that command

Deleting and creating Qtrees works
Restricting the role for one volume or for all volumes works
The Query is limited to a maximum of two entries