cancel
Showing results for 
Search instead for 
Did you mean: 

EV8 FSA and NetApp required permissions

SolarP
Level 6
Partner Accredited
Hi all
I have a question about installing FSA on to a NetApp Filer
Looking at the FSA archiving documentation, the EV System account has to be a Member of the administrators Group on the NetApp filer
Is this an absolute or can the account be given full admin rights on the shares/ files and member of backup operators group or similar local group in order to archive and leave placeholders.
The Customer I am working with have a NetApp filer which is run by a third party who are not willing to give the EV System account local administrators group access of the whole NetApp filer

What is the minimum permissions required on a NetApp filer in order for FSA to work from the shares

Thanks

SP
1 ACCEPTED SOLUTION

Accepted Solutions

MichelZ
Level 6
Partner Accredited Certified
I think that's an absolute requirement, because the account needs to create FPolicies, which is only possible when the Account has Admin permissions.

Cheers

cloudficient - EV Migration, creators of EVComplete.

View solution in original post

4 REPLIES 4

Maverik
Level 6
Hi,

What is stated in the documentation is the requirement.  There is not a min and recommended requirement for things like this unfortunatley.

MichelZ
Level 6
Partner Accredited Certified
I think that's an absolute requirement, because the account needs to create FPolicies, which is only possible when the Account has Admin permissions.

Cheers

cloudficient - EV Migration, creators of EVComplete.

SolarP
Level 6
Partner Accredited
Thanks Guys
I look forward to that bun fight then with the suppliers ;)


SP

NilsV
Level 3
Partner

I understand where the 3rd party is coming from, the company that I work for does both EV and NetApp filers.

You might have success with limiting the account to do api calls only, since EV does all it's work through the API. In order to be able to do anything with FSA, the EVSA would still need admin permissions on the share and filesystem security though.

The correct permissions would then be api-* for the NetApp filer. Offcourse, the official requirement is still administrative permissions, but I've tested this in a lab (note: this was in EV7) and it worked. Haven't tested it with file blocking, but since it's implemented in fpolicy as well, it should work equally well.