ONTAP Discussions

How to grant admin access to a CDOT cluster via an Active Directory group

89sigo
25,249 Views

We have a new 4 node CDOT cluster that we are building out at this time. This is the first on our company as the rest are all running 7-mode.

When I add execute the following commands on our new CDOT cluster, I am able to successfully login via putty or system manager:

security login create -vserver vs1 -username DOMAIN\username -application ontapi -authmethod domain -role admin
security login create -vserver vs1 -username DOMAIN\username -application ssh -authmethod domain -role admin

However, I need to provision security access via AD groups as we have a ot of admins that need access.

If I use the following commands to provision security, the commands are accepted by ONTAP but AD credential sets will not grant access to putty or system manager.

security login create -vserver vs1 -username "DOMAIN\AD Group" -application ontapi -authmethod domain -role admin
security login create -vserver vs1 -username "DOMAIN\AD Group" -application ssh -authmethod domain -role admin

Please provide comments if you have ideas on next steps.

11 REPLIES 11
Public