https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57939#M5357 <HTML><HEAD></HEAD><BODY><P>Reviving this to see if anyone has found a workaround to this very annoying issue.</P><P></P><P>You cannot log into the SP using a Domain account.&nbsp; This is documented by NetApp that it must be a local account and verified at customers and our labs.&nbsp; This makes sense because the SP is not running CIFS.</P><P></P><P>Has anyone found a solution to let you log into the "system console" either from the SP, or physically connected to the back of the controller using a AD domain account?</P><P></P><P>This is assuming CIFS is running, and the user can log into the filer via SSH using an AD domain account.</P><P></P><P>This leaves customers that are subject to audits in a very difficult place because it undermines all RBAC when physical connectivity is required.&nbsp; Even though DFM makes it easier, maintaining local user accounts in large enterprises is not acceptable in my opinion.</P></BODY></HTML> Wed, 11 Jul 2012 00:32:22 GMT audifreakjim 2012-07-11T00:32:22Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57919#M5353 <HTML><HEAD></HEAD><BODY><P>Hi All,</P><P> <BR />Can I use AD domain user a/c to login filer console to manage filer through AD LDAP authentication?</P><P> <BR /> <BR />Regards</P></BODY></HTML> Thu, 05 Jun 2025 07:04:07 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57919#M5353 tatlee 2025-06-05T07:04:07Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57924#M5354 <HTML><HEAD></HEAD><BODY><P>You certanly can. Run "cifs setup" from the command line. And dont worry if you dont have a cifs license as its not a requirement.</P><P></P><P>-C- </P></BODY></HTML> Thu, 02 Dec 2010 05:10:33 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57924#M5354 cory_mckee 2010-12-02T05:10:33Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57929#M5355 <HTML><HEAD></HEAD><BODY><P>thanks cory.mckee</P><P></P><P>but on cifs setup, I have choose the option (1) Active Directory domain authentication.</P><P>Also I configure the options of ldap</P><P>ldap.ADdomain XXX.XXX.COM</P><P>ldap.base&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; cn=group,dc=xxx,dc=xxx,dc=com</P><P>ldap.name&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; service a/c name</P><P>ldap.passwd&nbsp;&nbsp;&nbsp;&nbsp; userpasswd</P><P></P><P>Can these settings satisfy to login console use AD ldap authentication?</P><P></P><P>Regards,</P><P>Terrence Lee</P></BODY></HTML> Thu, 02 Dec 2010 06:04:58 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57929#M5355 tatlee 2010-12-02T06:04:58Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57934#M5356 <HTML><HEAD></HEAD><BODY><P>From a login perspective you need to assign the account to a group on your filer using the useradmin command</P><P></P><P>useradmin domainuser add &lt;user_name&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -g &lt;group1&gt;[,&lt;group2&gt;,...,&lt;groupN&gt;]<BR />useradmin domainuser delete &lt;user_name&gt;<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -g &lt;group1&gt;[,&lt;group2&gt;,...,&lt;groupN&gt;]<BR />useradmin domainuser list -g &lt;group_name&gt;<BR />useradmin domainuser load &lt;filename&gt;</P></BODY></HTML> Thu, 02 Dec 2010 16:05:17 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57934#M5356 cory_mckee 2010-12-02T16:05:17Z https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57939#M5357 <HTML><HEAD></HEAD><BODY><P>Reviving this to see if anyone has found a workaround to this very annoying issue.</P><P></P><P>You cannot log into the SP using a Domain account.&nbsp; This is documented by NetApp that it must be a local account and verified at customers and our labs.&nbsp; This makes sense because the SP is not running CIFS.</P><P></P><P>Has anyone found a solution to let you log into the "system console" either from the SP, or physically connected to the back of the controller using a AD domain account?</P><P></P><P>This is assuming CIFS is running, and the user can log into the filer via SSH using an AD domain account.</P><P></P><P>This leaves customers that are subject to audits in a very difficult place because it undermines all RBAC when physical connectivity is required.&nbsp; Even though DFM makes it easier, maintaining local user accounts in large enterprises is not acceptable in my opinion.</P></BODY></HTML> Wed, 11 Jul 2012 00:32:22 GMT https://community.netapp.com/t5/Network-and-Storage-Protocols/Active-Directory-LDAP-authentication/m-p/57939#M5357 audifreakjim 2012-07-11T00:32:22Z