EMC M&R |
N/A
|
6.4
|
SolutionPack for Brocade FC Switch |
SMI-S:
- For SMI-S, any user having SAN System administrator privileges and having access to all Fabrics.
SNMP:
- For SNMP v1/v2c, configure SNMP community string.
- For SNMP v3, configure an SNMP v3 user name.
|
3.5.1
|
SolutionPack for Cisco MDS/Nexus |
For SNMP v1/v2c, configure SNMP community string.
For SNMP v3, configure an SNMP v3 user name.
|
3.5.1
|
SolutionPack for Cisco UCS |
“Role-read-only” role is sufficient for the SolutionPack to work properly. We recommend to create a new dedicated “service account” for SolutionPack integration.
|
1.1.1
|
SolutionPack for Converged Infrastructure |
Log in to UIM (using UIM credentials) from within Watch4Net. The credentials will be re-used in the form of a Ticket Granting Ticket (CAS TGT) until it expires. This expiration interval is configurable on the UIM server by the administrator. The default duration period is 2 hours.
One instance of UIM/P and one instance of UIM/O should be used as a set. Add UIM/P to UIM/O as a data source.
If you use UIM’s default Self Signed SSL Certificates, then they must be installed or added to the exception in the browsers prior to using this Solution Pack. Otherwise, you cannot view reports from UIM.
|
1.1
|
SolutionPack for EMC Atmos |
Atmos System Management Console
- SysAdmin Level
- TenantAdmin on each Tenant that the user wants to collect data.
Atmos Cloud Delivery Platform
- Admin level access to management nodes.
- Admin level access to authentication nodes.
|
2.0.1
|
SolutionPack for EMC Centera |
The minimum profile privileges needed for data collection are:
- The only required roles are "Accesscontrol" and "Monitor".
- The "Granted Rights" only need to be set to "read" (r).
The installation of the Centera collection services on a Windows host requires Administrator privileges. But there is a workaround described in KnowledgeBase article 188584 that will allow the post-install running of these services as a non-Administrator user.
|
1.4.1
|
SolutionPack for EMC Data Domain |
No user authentication required. ViPR SRM will extract the data using SNMP "V2C" with the community string as "Public."
|
1.0
|
SolutionPack for EMC Data Protection Advisor |
DPA user needs a custom role with Manage Scheduled Reports privileges enabled on DPA server.
Enabling the Manage Scheduled Reports will also enable Run reports and View existing scheduled reports and schedules. These privileges are sufficient for the DPA SolutionPack to pull data from DPA server.
|
1.1.1
|
SolutionPack for EMC Host Interface |
Privileges are controlled by the configuration of the host agent. No special privileges are required for a host to be discovered.
|
1.2
|
SolutionPack for EMC Isilon |
Collection will work with root/admin users who have administrative privileges. Collection also works for a non-admin user that is a member of the AuditAdmin role. This role has mostly READ ONLY privileges.
|
3.5.1
|
SolutionPack for EMC RecoverPoint |
Under technical review.
|
1.1
|
SolutionPack for EMC VMAX |
For ViPR SRM to collect all masking views when Symmetrix Access Control (symacl) is enabled, the Solutions Enabler host must be added to an Access Group which has Access Type "BASE" and "VLOGIX" to all devices.
For ViPR SRM to collect all masking views when Symmetrix Authorization (symauth) is enabled the user performing the collection only needs the Monitor role.
IMPORTANT: symauth "Monitor" role only works to retrieve all masking views with latest Solutions Enabler 7.6.2.25 (hotfix 1843/service alert 1708). Older versions of Solutions Enabler 7.6.2 (ex. 7.6.2.8 which was required in ViPR SRM 3.5 release) required "Storage Admin" or "Admin" role in order to retrieve all masking views.
Windows-based collector host running VMAX Solution Pack and using "remote" SYMAPI Server:
- The Windows "System" account runs the Collector service which performs the VMAX collection
- The Windows "System" account therefore executes the SYMCLI commands to get the masking view.
- In order for symauth to retrieve all masking views the collector hosts's "System" user account must at least have the "Monitor" role authorized. Again, this assumes Solutions Enabler 7.6.2.25 or higher is installed
- Otherwise if an older 7.6.2 Solutions Enabler is installed then "Storage Admin" or "Admin" role would be required.
Linux-based collector host running VMAX SolutionPack:
- The "apg" user account runs the Collector service which performs the VMAX collection
- The "apg" user therefore executes the SYMCLI commands to get the masking views
- In order for symauth to retrieve all masking views the SRM ViPR Linux collector hosts's "apg" user account must at least have the "Monitor" role authorized. Again, this assumes Solutions Enabler 7.6.2.25 or higher is installed
- Otherwise, if an older 7.6.2 Solutions Enabler is installed, then "Storage Admin" or "Admin" role would be required.
|
3.5.1
|
SolutionPack for EMC VNX |
VNX Block -- User with Operator role or higher. NOTE: If the user only has the Operator role and you run the status "Test" from Discovery Center, the "statistics logging" test will always fail. To confirm Statistics Logging is enabled, you should login to Unisphere as a user with Administrator privileges. Once Statistics Logging is enabled, the Operartor user will be able to collect performance data from the array.
VNX File -- A local user for file with Operator role or higher. The "CLI access allowed" check box must be checked.
|
3.5.1
|
SolutionPack for EMC ViPR (The ViPR documentation is available at
http://community.emc.com/docs/DOC-35557)
|
Set the following roles in the Virtual Data Center
- System Monitor - Retrieves metering and monitoring records for the Virtual Data Center.
- System Auditor - Retrieves audit logs for the Virtual Data Center.
|
2.0.1
|
SolutionPack for EMC VPLEX |
Use the management CLI and the Linux shell account to navigate on the management station. The service account that is used by default is both a Linux account and a CLI account.
From the perspective of the management CLI, the service user is not read-only, because you can perform some provisioning operations on the VPLEX, although it does not have full administrative capabilities.
From the perspective of the Linux shell, the service account is a regular user account so you cannot do operations that require root privilege.
For a non-service account, follow these additional steps once the user has been created. This is assuming the SolutionPack is already installed using the service account. If it is being installed for the first time with a non-service user, you do not need this procedure.
- Change the permission to the virt-volumes folder with following command:
chmod g+w virt-volumes // run under /var/log/Vplex/cli/w4
- Reconfigure the VPLEX SolutionPack with the alternate account
|
3.5.1
|
SolutionPack for EMC Watch4Net Health |
N/A
|
3.5.1
|
SolutionPack for EMC XtremIO
|
Non-admin account with read-only privileges.
|
3.5.1
|
SolutionPack for Hitachi Device Manager |
Non-privileged account with rights to view all.
|
3.5.1
|
SolutionPack for HP 3PAR StoreServ |
Non-privileged account with rights to view all.
|
3.5.1
|
SolutionPack for HP EVA |
Admin rights are required.
|
1.1
|
SolutionPack for HP StorageWorks P9000 |
Non-privileged account with rights to view all.
|
3.5.1
|
SolutionPack for IBM DS |
Under technical review.
|
1.0
|
SolutionPack for IBM LPAR |
VIO server
- SUDO user role with elevated (root) privileges to execute commands to be run on the VIOS host.
- Note: The padmin role is not required for VIO Servers.
VIO Client/LPAR
- SUDO user role (or)
- SSH Keys (or)
- root user (optional)
|
1.1.1
|
SolutionPack for IBM SAN Volume Controller/Storwize
|
For topology & capacity data only, you must provide a service account, which is member of the “Monitor” user group.
For performance data collection over SSH (to do a performance synchronization), the service account must be in the “Administrator” or “SecurityAdmin” user group.
When enabling performance data collection, this will periodically transfer over SSH (scp/sftp) the SVC dumps into the Watch4net collector host. Those files will be purged/deleted from all SVC nodes, after processing. Collecting performance data from multiple Watch4net collector hosts at the same time is not supported.
Uncheck option to synchronize performance data from all nodes “Performance synchronization” during SolutionPack installation or reconfigure to keep all files so that third party tools can get the performance data.
In this case SVC SolutionPack will only collect performance data from configuration node.
|
1.1
|
SolutionPack for IBM XIV |
Discovery works with Read Only, Storage Administrator, Application Administrator access.
Read Only is the minimum required.
Due to limitations with the IBM software, discovery using the LDAP users will not happen if there is no active IBM XIV GUI user session, either by the corresponding LDAP user or a stroage administrator.
|
3.5.1
|
SolutionPack for Microsoft Hyper-V |
Admin rights are required in order to run unsigned PowerShell scripts.
In order to do this, you must run the following command as an administrative user:
PowerShell -C Set-ExecutionPolicy Unrestricted
On Microsoft Windows Server 2008 R2 and Microsoft Windows Server 2012 Hyper-V hosts, the domain administrative user must use be member of domain group Domain Admins. In other words, is not enough to make a domain user member of local group Administrators in Hyper-V hosts.
On Microsoft Windows Server 2008 R2 and Microsoft Windows Server 2012 Hyper-V hosts, the WMI queries can be performed only using the build-in Administrator local user. Any other local administrative local user will be unable to perform the queries because the UAC controls.
On Microsoft Hyper-V Server 2012 and Microsoft Windows Server 2012 Hyper-V hosts, is possible to collect data using a non-administrative local or domain user. This user must be member of local groups Hyper-V Administrators and Performance Log Users groups. Unfortunately, this will not possible in Microsoft Hyper-V Server 2008 R2 and Microsoft Windows Server 2008 R2.
|
1.2.2
|
SolutionPack for Microsoft SQL Server |
- SQL authentication requires that the user be a member of the SYSADMIN group
- Windows user account requires the user be a member of the Guests group or the Domain Guests group
- The default database must be the master
- Windows user account must be imported into the Microsoft SQL Server with settings similar to these:
- Server roles of public
- Securable grants for Connect SQL, View any definitions, and View server state
|
1.1
|
SolutionPack for NetApp Filer |
SSH connection to the 7-Mode NetApp devices with the following role:
- login-ssh, cli-stats*, cli-snap*, cli-aggr*, cli-vol*, cli-disk*, cli-nfs*, cli-cifs*, cli-df, cli-sysconfig, cli-ifconfig, cli-qtree, cli-quota, cli-storage, cli-maxfiles, cli-echo, cli-lun, cli-fcp
SSH connection to the C-Mode NetApp devices with the following role:
- Access level 'readonly' for the commands : volume, df, lun, storage, statistics, network, vserver, cluster, sleep
- Access level 'all' for the commands: set, system
|
3.5.1
|
SolutionPack for Oracle Database |
The Watch4net collector must connect to each instance of Oracle databases and perform SQL queries. You can use either an administrator equivalent system account, or create a dedicated system account for the collector. If you want to use the last option, ask the DBA administrator to run the query described in the SolutionPack for Oracle article.
This will create a "watch4net" account, which specific grant for the Watch4net collector.
|
1.3.1.1
|
SolutionPack for Physical Hosts |
Windows user privileges
- Domain user in the local administrator's group (recommended), or
- Local administrator for the host.
UNIX user privileges
- Sudo user with read/execute permissions for commands, or
- SSH public/private key pair with execute permission for commands.
Refer to the SolutionPack for Physical Hosts article for more information.
|
1.1.1
|
SolutionPack for Storage Compliance (The compliance rules support all the supported Hosts, ESX, VMs, HDS, IBM XIV, EMC arrays (VMAX and VNX), and Brocade and Cisco fabrics.)
|
N/A
|
3.5.1
|
SolutionPack for VI VirtualWisdom |
Windows Administrator privileges are required to install the VI proxy software.
|
1.0
|
SolutionPack for VMware vCenter |
Discovery works with read-only non-admin user.
|
3.5.1
|