Data Infrastructure Management Software Discussions
Can Anyone help me with setting up LDAP authentication on on Command System Manager? I want my AD users to login to system manager using their ad credentials and make configuration changes or monitor as per the permissions given to them.I have done the following stepcluster1::> security login domain-tunnel create -vserver vs0cluster1::> security login create -vserver cluster1 -user-or-group-name DOMAIN1\Administrator -application ssh -authmethod domain
After these also i am not able to login to the cluster via ssh using the administrator userCan anyone help
See The Solution
What you've provided looks correct given you have set the role where they have access to do what they need.
Double check your cifs settings (cifs show) on the svm and make sure everything is correct there.
Please also create http and ontapapi accounts.
security login create -user-or-group-name DOMAIN1\Administrator -application http -authmethod domain -role admin -vserver Cluster1
security login create -user-or-group-name DOMAIN1\Administrator -application ontapi -authmethod domain -role admin -vserver Cluster1
Please try the above commands. After that you can able to log in using system manager.
View solution in original post
You will not use ssh to login to the cluster via system manager. SSH is only for command line.
When you add the other two roles to security login, when you login via the webbrowser you need to login as
Thanks for the help everyone. finally got it to work
I am getting the same problem but with ssh from the command line. Everything seemed to work while craeting the cif server etc but I cannot log in using domain and username. Any ideas anyone?
Domain authencation works from SSH, but not with keys
You need to do the following
security login show -vserver vservername
add the domain group to the cluster vserver with ssh as the application
security login create blah
Then when you login use this
enter password, you should be good to go
he solution did help and i was able to setup AD authentication in most of my Cmode FAS. However it is not happening for 1 particular FAS. AFF8020,I am able to login to cluster shell via ssh using my domain id/pass but in GUI its not happening , always showing the message invalid userid and Admin.i am using domain\username to login to GUI..but its always showing invalid credentials...using same creds i can login ia puttyYes i used the security login for hhtp and ontapi as well.Any help would be appreciated..really stuck here.
Can you please post the output of
sec login show
"Console" Application type is missing.
"You must have a cluster user account configured with the admin role and the http, ontapi, and console application types."