Modifying the role assigned to an administrator

You can use the security login modify command to change the role of a cluster or SVM administrator account. You can assign a predefined or custom role.

Before you begin

You must be a cluster administrator to perform this task.

Step

  1. Change the role of a cluster or SVM administrator: security login modify -vserver SVM_name -user-or-group-name user_or_group_name -application application -authmethod authentication_method -role role -comment comment
    For complete command syntax, see the worksheet.

    Creating or modifying login accounts

    Example

    The following command changes the role of the AD cluster administrator account DOMAIN1\guest1 to the predefined readonly role.

    cluster1::>security login modify -vserver engCluster -user-or-group-name DOMAIN1\guest1 -application ssh -authmethod domain -role readonly

    The following command changes the role of the SVM administrator accounts in the AD group account DOMAIN1\adgroup to the custom vol_role role.

    cluster1::>security login modify -vserver engData -user-or-group-name DOMAIN1\adgroup -application ssh -authmethod domain -role vol_role