Data ONTAP Discussions

Authentication to use with nsswitch (group)

Can’t we add http authentication to use with nsswitch (group) ?


ABC-CDOT::> security login create -user-or-group-name servergroup -application http -authentication-method nsswitch -role admin -is-ns-switch-group yes -vserver ABC-CDOT

Error: command failed: "-is-nsswitch-group yes" is supported only for applications "ontapi" and "ssh".
1 REPLY

Re: Authentication to use with nsswitch (group)

Hi,

 

The Active Directory, LDAP, or NIS group name can be specified only with the domain or nsswitch authentication method and ontapi and ssh application. (Ref: http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.pow-adm-auth-rbac%2FGUID-0DB65B04-71DB-43F4-9A0F-850C93C4896C.html)

 

Since the OCSM is configured internally, they can authenticate the users internally.
Change the authentication method to internal.

Also refer a similar discussion: http://community.netapp.com/t5/Network-Storage-Protocols-Discussions/When-to-use-security-admin-authentication-internal-or-nsswitch/m-p/112545#M8074

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Forums