Active IQ Unified Manager Discussions

Smart card Authentication?

cecil
12,455 Views

Does anyone know if there is a way to use smartcard authentication with OnCommand? Most secure enviroments force Windows accounts to only use Smart Card logon which scrambles the users password and they would not be able to enter a username/pwd at the oncommand logon screen. 

1 ACCEPTED SOLUTION

adaikkap
12,455 Views

Hi Cecil,

     As of today OnCommand Unified Manager doesnt do it. Can you explain us little more on the same why its better why its need etc ?

Regards

adai

View solution in original post

10 REPLIES 10

adaikkap
12,456 Views

Hi Cecil,

     As of today OnCommand Unified Manager doesnt do it. Can you explain us little more on the same why its better why its need etc ?

Regards

adai

cecil
12,359 Views

Adai.

Once again, thanks you for the quick response. Government agencies require the use of a smartcard for logon to a Windows domain and the account option "smart card is required for interactive logon" enabled on the AD account. When this boxed is checked, all interactive logon would require the smartcard to logon. So that means windows users can only now logon to the OnCommand Console if this option is turned off (which violates their security rules) on their AD account. The only work around I can see is if they have a local account on the Windows server hosting the OnCommand install (Again a more minor security finding). Local accounts aren't preferred and would seem to be taking a step backward as they require more management. If OnCommand supported smartcard, then the user would simply have to have the rights, a smartcard, and a pin #. That make sense?

Cecil

adaikkap
12,359 Views

Hi Cecil,

     Thanks for the details. Let me pass this on to the concerned personnel for further actions.

Regards

adai

cecil
12,359 Views

Hi Adai,

Its been awhile and I wanted to follow up. Was there ever any plan to incorporate this with OnCommand?

Thank you!

Cecil

kryan
12,359 Views

Hi Cecil,

This functionality is currently planned for a future release of UM 6.x for Clustered Data ONTAP.

There are no plans to add Smart Card support in UM 5.x. 

Thanks,

Kevin

cecil
12,359 Views

Thank you for responding but ouch! That’s not going to go over well with my customers that have metro and are not upgrading to Clustered Ontap very soon. These are the people who wanted this change made in the first place.

SheilaHale
11,988 Views
So is smart card Authentication working with Ontap 7-Mode 8.2.2.? If so how do we set this up using RSA-gemalto drivers?

jpulk
10,726 Views

Was SmartCard authentication ever added to Unified Manager? I've been searching but haven't found anything yet specifically saying that it was or wasn't added and if so how to configure it. 

JCutter03
10,219 Views

I'm also looking for smart card support as well... or at least single sign on.

thywyn222
8,442 Views

SAML 2.0 was announced for OCUM (7.3??)  and System manager in Ontap 9.3.. "and the people supporting smart card environments rejoiced..... yyeeeeaahh..."

 

https://blog.netapp.com/announcing-netapp-ontap-9-3-the-next-step-in-modernizing-your-data-management/

 

 

 

Public