Ask The Experts

AD Authentication w/FC Only LIFS

General

Hello,

Quick question and yes, I'm "fishing" since I believe the answer will be a resounding "no", but I'm going to ask anyways.

So, I have an AFF700 that is running ALL FC, LIFS, 1 single SVM, 16 FC physical ports etc. I have the ability to upgrade (slots) the storage to 24 (12 per-node) network ports but that's a cost and probably won't happen.

I was going to create a "dummy" SVM that is attached to my domain that I wish to authenticate users against. Dummy, meaning, no volumes, LUNS etc, just simply an SVM running CIFS service and attached to my domain.

Then I would run the security-tunnel command.

My question - Is there absolutely no way to create that dummy SVM running CIFS if I only have FC cards and LIFS on the storage? Right now I just receive an error that says "No suitable ports found". Maybe use an e0M, secondary SP Port, etc??

Any help is appreciated.


mebeingme

Hi,

There is no need to enable CIFS to get AD authentication working:

https://kb.netapp.com/app/answers/answer_view/a_id/1086185/~/how-to-configure-ad-authentication-for-cluster-when-cifs-is-not-licensed-

You could run this over a "SVM admin_lif"

Regards,

General

I like that idea and it makes sense. The ONLY problem is that all other SVM's on this particular storage array are on let's say a domain called "AB" and the domain I need to have people authenticate to is called "CD".

AB = Our internal LABS domain for R&D.

CD = Our top-level (corporate) domain and there is a one-way trust between the AD environments.

That's the reason I was trying to explicitly create a new SVM on the "CD" domain. All user authentication, GPO's etc are all within the "CD" domain.

paul_stejskal

So...you don't have any other ports besides e0M for ethernet? I find that hard to believe. You should be able to share ports for LIFs on different vServers.

General

Not sure if you caught what I mentioned in my thread. There are no network cards, this storage is ALL FC only. So yes, you can believe it. LOL

mebeingme

Hi,

Sorry for the misread on my part. Conveniently read over the fact that there are no GBE network cards in the system.

If there are no GBE ports available it's not possible.

Maybe FCoE is an option, but that's out of my scope.

paul_stejskal

Yes I did see that. Maybe like what was said if you have the CNA cards you can flip one to FCoE if it's not in use?
