Modify the role assigned to an administrator

Contributors

You can use the security login modify command to change the role of a cluster or SVM administrator account. You can assign a predefined or custom role.

What you’ll need

You must be a cluster administrator to perform this task.

Step
  1. Change the role of a cluster or SVM administrator:

    security login modify -vserver SVM_name -user-or-group-name user_or_group_name -application application -authmethod authentication_method -role role -comment comment

    For complete command syntax, see the worksheet.

    The following command changes the role of the AD cluster administrator account DOMAIN1\guest1 to the predefined readonly role.

    cluster1::>security login modify -vserver engCluster -user-or-group-name DOMAIN1\guest1 -application ssh -authmethod domain -role readonly

    The following command changes the role of the SVM administrator accounts in the AD group account DOMAIN1\adgroup to the custom vol_role role.

    cluster1::>security login modify -vserver engData -user-or-group-name DOMAIN1\adgroup -application ssh -authmethod domain -role vol_role