Active IQ Unified Manager Discussions

snmpv3 config error using domain account

rubinsed1
5,129 Views

I'm setting up communications between OnCommand Core 5.01 and NetApp filers running Data ONTAP 7.3.6 and 8.1.

After following the steps listed in https://communities.netapp.com/docs/DOC-9314, I tried to configure a domain account instead of a local account (useradmin domainuser vice useradmin user).

Now I'm getting en error "Permission denied for SNMPv3 requests from XXX\XXXXX. Reason: user does not exist." I dont get this error if i substitute a local account instead.

My question is, is a domain account supported for snmpv3 communication between filers and dfm?

-Ed

4 REPLIES 4

amirm
5,129 Views

Hi Ed,

The syntax for adding domain user is:

useradmin domainuser add win_user_name -g {custom_group|Administrators|"Backup Operators"|Guests|"Power Users"|Users}[,...]

win_user_name is the Windows domain user whose name or Security ID (SID) you want to assign to a customized or predefined group.

Please refer to this help page on useradmin domainuser command.Using this I could add the user as:

> useradmin domainuser add DOMAIN\snmpv3user -g snmpv3group

SID = S-1-5-21-1939535855-3574135614-826000282-1143

Domain User <DOMAIN\snmpv3user> successfully added to snmpv3group.

Also please make sure that this user is added to the appropriate group i.e snmpv3group that has the required role i.e. "snmpv3role" with "login-snmp" access.

>useradmin role add snmpv3role -a login-snmp

> useradmin group add snmpv3group -r snmpv3role

Regards,

-Amir


rubinsed1
5,129 Views

As soon as I referenced the SID in adding the account to DFM via Setup -> "Network Credentials," the error was resolved.

Thanks Amir!

gdefevere
5,129 Views

I had the same issue on two controllers, but we used local accounts (not domain accounts). It started after head replacement.

Fri May  3 09:34:34 CEST [snmp.agent.msg.access.denied:warning]: Permission denied for SNMPv3 requests from snmpv3user. Reason: User does not exist.

After searching for a solutions (not finding), I've deleted and readded my users and it was solved!

JNSTEGEMANOEH
5,074 Views

I had the same error with a local account, I deleted and recreated it, as per your advice - error has gone away and all is working.

 

Appears to be an issue when upgradingf from ONTAp 8.1.x to 8.2.x.

Public