ONTAP Discussions

Authentication to use with nsswitch (group)

arsalankhan
1,959 Views
Can’t we add http authentication to use with nsswitch (group) ?


ABC-CDOT::> security login create -user-or-group-name servergroup -application http -authentication-method nsswitch -role admin -is-ns-switch-group yes -vserver ABC-CDOT

Error: command failed: "-is-nsswitch-group yes" is supported only for applications "ontapi" and "ssh".
1 REPLY 1

Sahana
1,916 Views

Hi,

 

The Active Directory, LDAP, or NIS group name can be specified only with the domain or nsswitch authentication method and ontapi and ssh application. (Ref: http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.pow-adm-auth-rbac%2FGUID-0DB65B04-71DB-43F4-9A0F-850C93C4896C.html)

 

Since the OCSM is configured internally, they can authenticate the users internally.
Change the authentication method to internal.

Also refer a similar discussion: http://community.netapp.com/t5/Network-Storage-Protocols-Discussions/When-to-use-security-admin-authentication-internal-or-nsswitch/m-p/112545#M8074

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Public