Hi all.
I am deskilled having not worked on VIO for over a decade, so I need help from the community please.
I am trying to give a user the minimum privs to be able to monitor the VIO server.
I need to give them access to the lsmap and the lsnports command from the ios cli command set.
VIOS 4.1.1.10
AIX 7300-03-01-2520
According to this page:
Using role-based access control with the Virtual I/O Server
| Ibm |
remove preview |
|
| Using role-based access control with the Virtual I/O Server |
| With Virtual I/O Server Version 2.2, and later, a system administrator can define roles based on job functions in an organization by using role-based access control (RBAC). |
| View this on Ibm > |
|
|
I need to give these authorizations to the user:
vios.device.manage.list
vios.device.manage.map.phyvir
So I created a role:
mkrole authorizations='vios.device.manage.list,vios.device.manage.map.phyvirt' dfltmsg='Monitoring role for VIOS' monrole
and added the role to the user:
chuser roles='monrole' monuser
I still get
"Access to run the command is not valid"
This is for a customer who has no VIOS support and needs to call in a consultant everytime they want something doing so I have no access to the VIO server myself.
Thanks in advance for any and all advice.
------------------------------
Michael Davison
EMEA Support Team Lead
Fortra
Peterborough
------------------------------