Skip to main content
NetApp Knowledge Base

How can I create a temporary account for a field engineer to login to perform maintenance work on a cluster

Views:
713
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
core
Last Updated:

Applies to

  • FAS Models
  • AFF Models
  • Ontap 9

Answer

In some cases, it might make things more streamlined to provide a unique account for a field engineer to work on your cluster, rather than sharing "admin" credentials.

To perform these actions, SSH to the cluster and run the following commands:

1)  Create the user named "field_tech"

::> security login create -user-or-group-name field_tech  -application console -authentication-method password -role admin

You will be prompted to enter a password

Please enter a password for user 'field_tech':
Please enter it again:

2)  Add access to the "service-processor" application

::> security login create -user-or-group-name field_tech  -application service-processor  -authentication-method password -role admin

3)  Verify that the account has been created properly

::> security login show -user-or-group-name field_tech

Vserver: tfmb
                                                                 Second
User/Group                 Authentication                 Acct   Authentication
Name           Application Method        Role Name        Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
field_tech     console     password      admin            no     none
field_tech     service-processor
                           password      admin            no     none
2 entries were displayed.

Once the maintenance work has been completed, you can "lock" the account so that it can't be used

::> security login lock -username field_tech

Future maintenance windows can have the account unlocked with this command

::> security login unlock -username field_tech

and the password can be changed at anytime with this command:

::>  security login password -username field_tech

Additional Information

security login commands

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.