Community

Subscribe
Highlighted

Cluster management AD authentication w/o a CIFS license

I am running OnTap 8.2P3 in our 4-node cluster.  I am working on getting AD authentication setup, but the only path I am finding involves creating a CIFS VServer and a tunnel to direct authentication requests.  While this all makes sense, I remember on 7-mode you didn't really have to have a CIFS license to use AD authentication.  It seems like in cluster mode you do in order to create the VServer.  Can anyone confirm that a CIFS license is required simply to enable AD authentication?  That seems a little crazy to me.  The only reason we would use CIFS on the cluster is to facilitate AD connectivity.  I shouldn't have to license a protocol for that.

Also, is there any other way to achieve AD auth without creating the CIFS VServer?

Thanks in advance.

Re: Cluster management AD authentication w/o a CIFS license

Matthew,

NetApp Clustered Data ONTAP 8.2 File Management Access for CIFS documentation covers the topic about how to configure and manage AD Computer Accounts with SVM with no CIFS Licenses required. Page 27 onwards on the document will guide you through your requirements.

Re: Cluster management AD authentication w/o a CIFS license

Administration Guide says, that to enable AD authentication you need full CIFS server and you cannot create CIFS server without CIFS license. Could you please show working setup with AD tunneling without CIFS license?

Re: Cluster management AD authentication w/o a CIFS license

Hasn't this been implemented in 8.2.1?

Cannot find a doc right now, but I think I've read it somewhere

Edit:

found it in the release notes of 8.2.1 p53:

Starting with Data ONTAP 8.2.1, you can create and manage Active Directory (AD) computer

accounts for Storage Virtual Machines (SVMs) even if you do not have CIFS licensed on any of the

cluster nodes.