Does anyone know if there is a way to use smartcard authentication with OnCommand? Most secure enviroments force Windows accounts to only use Smart Card logon which scrambles the users password and they would not be able to enter a username/pwd at the oncommand logon screen.
Solved! See The Solution
Once again, thanks you for the quick response. Government agencies require the use of a smartcard for logon to a Windows domain and the account option "smart card is required for interactive logon" enabled on the AD account. When this boxed is checked, all interactive logon would require the smartcard to logon. So that means windows users can only now logon to the OnCommand Console if this option is turned off (which violates their security rules) on their AD account. The only work around I can see is if they have a local account on the Windows server hosting the OnCommand install (Again a more minor security finding). Local accounts aren't preferred and would seem to be taking a step backward as they require more management. If OnCommand supported smartcard, then the user would simply have to have the rights, a smartcard, and a pin #. That make sense?
This functionality is currently planned for a future release of UM 6.x for Clustered Data ONTAP.
There are no plans to add Smart Card support in UM 5.x.
Thank you for responding but ouch! That’s not going to go over well with my customers that have metro and are not upgrading to Clustered Ontap very soon. These are the people who wanted this change made in the first place.
Was SmartCard authentication ever added to Unified Manager? I've been searching but haven't found anything yet specifically saying that it was or wasn't added and if so how to configure it.
SAML 2.0 was announced for OCUM (7.3??) and System manager in Ontap 9.3.. "and the people supporting smart card environments rejoiced..... yyeeeeaahh..."