Create a SnapLock security administrator account


You must have SnapLock security administrator privileges to perform a SnapLock volume move. This privilege is granted to you with the snaplock role, introduced in ONTAP 9.8. If you have not already been assigned that role, you can ask your cluster administrator to create a SnapLock security user with this SnapLock security role.

What you’ll need
  • You must be a cluster administrator to perform this task.

  • You must have logged in on a secure connection (SSH, console, or ZAPI).

About this task

The snaplock role is associated with the cluster SVM, unlike the vsadmin-snaplock role, which is associated with the data SVM.

  1. Create an SVM administrator account with the SnapLock administrator role:

    security login create -vserver SVM_name -user-or-group-name user_or_group_name -application application -authmethod authentication_method -role role -comment comment

    The following command enables the SVM administrator account SnapLockAdmin with the predefined snaplock role to access SVM2 using a password:

    cluster1::> security login create -vserver SVM2 -user-or-group-name SnapLockAdmin -application ssh -authmethod password -role snaplock