ONTAP Discussions

Why do I see the "root" user under the SVM > users and groups > UNIX > users in ONTAP 8.3

MohammadAli
3,775 Views

Hi Everyone,

 

I have clustered Data ONTAP 8.3.0 with FC, iscsi, CIFS protocol configured in the SVM.

 

Why do I see the "root" user under the SVM > users and groups > UNIX > users. Kindly see the screenshot attached.

 

 

Unfortunately I can log into the SVM by this "root" user with the SVM lif and password "admin". Now security team is after me to change this password to something complex but the command doesn't work. See the below output:

 

cluster1::> security login password -vserver SVM-STORAGE01 -username root

Error: command failed: entry doesn't exist

cluster1::>

 

When I try to list down the available users from cli it doesn't show the "root" user.

 

cluster1::> security login show -vserver SVM-STORAGE01

Vserver: SVM-STORAGE01
                             Authentication                  Acct
User/Group Name  Application Method         Role Name        Locked
---------------- ----------- -------------- ---------------- ------
vsadmin          ontapi      password       vsadmin          yes
vsadmin          ssh         password       vsadmin          yes
2 entries were displayed.

cluster1::>

 

But when I try to login to the that SVM using the the svm lif I can login using that “root” account with a password “admin”. And it gives only limited number of commands to execute. Kindly see the below cli output.

 

login as: root

Using keyboard-interactive authentication.

Password:

SVM-STORAGE01::> security login password

 

Error: "security" is not a recognized command

 

SVM-STORAGE01::> ?

  up                          Go up one directory

  exit                        Quit the CLI session

  history                     Show the history of commands for this CLI session

  man                         Display the on-line manual pages

  redo                        Execute a previous command

  rows                        Show/Set the rows for this CLI session

  top                         Go to the top-level directory

 

SVM-STORAGE01::>

 

Appriciate your quick and kind reply.

3 REPLIES 3

Naveenpusuluru
3,716 Views

Hi @MohammadAli

 

Can you please show me the below commands output.

 

vserver name-mapping show -vserver SVM-STORAGE01

Naveenpusuluru
3,696 Views

Hi @MohammadAli

 

Please use the below command to check the users

 

vserver services unix-user show

 

Please refer to the below link to check the full information.

 

https://library.netapp.com/ecmdocs/ECMP1366834/html/GUID-D315524D-F5F7-4DEA-BD6B-CE9943108984.html

Public