English

Create and manage user accounts by using NetApp Hybrid Cloud Control

Contributors amgrissino netapp-dbagwell netapp-mwallis Download PDF of this page

In SolidFire storage systems, authoritative cluster users can be created to enable login access to NetApp Hybrid Cloud Control depending on the permissions you wish to grant "Administrator" or "Read-only" users. In addition to cluster users, there are also volume accounts, which enable clients to connect to volumes on a storage node. 

When you create a volume, it is assigned to a specific volume account.

An account can have up to two-thousand volumes assigned to it, but a volume can belong to only one account.

Manage the following types of accounts:

Manage authoritative cluster accounts

Authoritative user accounts are managed from the top right menu User Management option in NetApp Hybrid Cloud Control. These types of accounts enable you to authenticate against any storage asset associated with a NetApp Hybrid Cloud Control instance of nodes and clusters. With this account, you can manage volumes, accounts, access groups, and more across all clusters.

Create an authoritative cluster account

You can create an account by using NetApp Hybrid Cloud Control.

This account can be used to log in to the Hybrid Cloud Control, the per-node UI for the cluster, and the storage cluster in NetApp Element software.

Steps
  1. Log in to NetApp Hybrid Cloud Control by providing the NetApp HCI or Element storage cluster administrator credentials.

  2. From the Dashboard, click on the top right Options icon and select User Management.

  3. Select Create User.

  4. Enter a name and password for the new account.

  5. Select either Administrator or Read-only permissions.

    To view the permissions from NetApp Element software, click Show legacy permissions. If you select a subset of these permissions, the account is assigned Read-only permissions. If you select all legacy permissions, the account is assigned Administrator permissions.
  6. Check the box indicating that "I have read and accept the NetApp End User License Agreement."

  7. Click Create User.

Edit an authoritative cluster account

You can change the permissions or password on a user account by using NetApp Hybrid Cloud Control.

Steps
  1. Log in to NetApp Hybrid Cloud Control by providing the NetApp HCI or Element storage cluster administrator credentials.

  2. From the Dashboard, click on the icon in the top right and select User Management.

  3. Optionally filter the list of user accounts by selecting Cluster, LDAP, or Idp.

    If you configured users on the storage cluster with LDAP, those accounts show a User Type of "LDAP." If you configured users on the storage cluster with Idp, those accounts show a User Type of "Idp."

  4. In the Actions column in the table, expand the menu for the account and select Edit.

  5. Make changes as needed.

  6. Select Save.

Delete an authoritative user account

You can delete one or more accounts when it is no longer needed.

You cannot delete the primary administrator user account for the authoritative cluster.

Steps
  1. Log in to NetApp Hybrid Cloud Control by providing the NetApp HCI or Element storage cluster administrator credentials.

  2. From the Dashboard, click on the icon in the top right and select User Management.

  3. In the Actions column in the Users table, expand the menu for the account and select Delete.

  4. Confirm the deletion by selecting Yes.

Manage volume accounts

Volume accounts are managed within the NetApp Hybrid Cloud Control Volumes table. These accounts are specific only to the storage cluster on which they were created. These types of accounts enable you to set permissions on volumes across the network, but have no effect outside of those volumes.

A volume account contains the CHAP authentication required to access the volumes assigned to it.

Create a volume account

Create an account specific to this volume.

Steps
  1. Log in to NetApp Hybrid Cloud Control by providing the NetApp HCI or Element storage cluster administrator credentials.

  2. From the Dashboard, select Storage > Volumes.

  3. Select the Accounts tab.

  4. Select the Create Account button.

  5. Enter a name for the new account.

  6. In the CHAP Settings section, enter the following information:

    • Initiator Secret for CHAP node session authentication

    • Target Secret for CHAP node session authentication

      To auto-generate either password, leave the credential fields blank.
  7. Select Create Account.

Edit a volume account

You can change the CHAP info and change whether an account is active or locked.

Deleting or locking an account associated with the management node results in an inaccessible management node.
Steps
  1. Log in to NetApp Hybrid Cloud Control by providing the NetApp HCI or Element storage cluster administrator credentials.

  2. From the Dashboard, select Storage > Volumes.

  3. Select the Accounts tab.

  4. In the Actions column in the table, expand the menu for the account and select Edit.

  5. Make changes as needed.

  6. Confirm the changes by selecting Yes.

Delete a volume account

Delete an account that you no longer need.

Before you delete a volume account, delete and purge any volumes associated with the account first.

Deleting or locking an account associated with the management node results in an inaccessible management node.
Persistent volumes that are associated with management services are assigned to a new account during installation or upgrade. If you are using persistent volumes, do not modify or delete the volumes or their associated account. If you do delete these accounts, you could render your management node unusable.
Steps
  1. Log in to NetApp Hybrid Cloud Control by providing the NetApp HCI or Element storage cluster administrator credentials.

  2. From the Dashboard, select Storage > Volumes.

  3. Select the Accounts tab.

  4. In the Actions column in the table, expand the menu for the account and select Delete.

  5. Confirm the deletion by selecting Yes.

Find more information