Create accounts for FlexPod devices

Contributors netapp-rlithman Download PDF of this topic

To get started, set up accounts for FlexPod devices:

  • CISCO UCS Manager

  • CISCO Nexus switches


  • VMware

  • APIC

The agent uses these accounts to collect configuration from each device.

Create a read-only account for Cisco UCS Manager

  1. Log in to Cisco UCS Manager.

  2. Create a locally authenticated user named csa-readonly.

    All new users are read-only by default.

Create a read-only account for your Nexus switches

  1. Log in to each Nexus switch using SSH or telnet.

  2. Enter global configuration mode:

     configure terminal
    .. Create a new user:
     username [name] password [password] role [role]
    .. Save the configuration:
    copy running configuration startup configuration

If you are using a TACACS+ server and you need to grant CSA user privileges, go to Granting CSA user privileges using a TACACS+ server.

Create an admin account for ONTAP

  1. Log in to OnCommand System Manager and click the settings icon:

    The settings icon in System Manager..

  2. On the Users page, click Add.

  3. Enter a user name and password and add ssh, ontapi and console as user login methods with admin access.

    Shows the Add User screen in System Manager

Create a read-only account for VMware

  1. Log in to vCenter.

  2. In the vCenter menu, choose Administration.

  3. Under roles, choose Read-only.

  4. Click the icon for Clone role action and change the name to CSA.

  5. Select the newly created CSA role.

  6. Click the Edit role icon.

  7. Under Edit role, choose Global and then check Licenses.

  8. On the sidebar, select Single sign on→Users and groups→Create a new user.

  9. Name the new user CSARO under DOMAIN vpshere.local.

  10. On the sidebar, select Global Permissions under Access Control.

  11. Choose the user CSARO and assign ROLE CSA.

  12. Log in to the Web Client.

    Use user ID: CSARO@vsphere.local and previously created password.

Create a read-only account on the APIC

  1. Click Admin.

  2. Click Create new local users.

  3. Under User Identity, enter the user information.

  4. Under Security select all security domain options.

  5. Click + to add user certificates and SSH keys if needed.

  6. Click Next.

  7. Click + to add roles for your domain.

  8. Select the Role Name from the dropdown menu.

  9. Select Read for the Role Privilege Type.

  10. Click Finish.