Microsoft Virtualization Discussions

domain user in Administrators group in FAS2020 doesn't work

INTERNOVUSBG
4,139 Views

Hi all,

I have a HyperV cluster and want to implement SnapManager for hyperV.

I successfully joined netapp filler into my domain and added my domain\service account to Administrators group of Netapp,

under this account I run Snapdrive and SnapManager services.
But for some reason SnapDrive cannot see any lun. Trying manually to add the storage settings through Snapdrive interface shows me that my domain account does't work. I receive authentication error.

No problems with root, but wizard tells me that i should use domain account that has full permission to the win cluster, which is normally.

Even more, I found that I cannot login to the console with the domain account.

Tried with other domain user, with whole domain admins group, but no success.

Any ideas what to check/change?

5 REPLIES 5

nicholaf
4,139 Views

What is the output of the command 'cifs domaininfo'? What DC is the PC SnapDrive is on connected to?

INTERNOVUSBG
4,139 Views

CzechNetapp> cifs domaininfo

NetBios Domain:                              CLOUDAD

Windows 2003 Domain Name:         cloudad.local

Type:                                                 Windows 2003

Filer AD Site:                                     Default-First-Site-Name

 

Current Connected DCs:              \\CLOUDDC1

Total DC addresses found:           2

Preferred Addresses:                    None

Favored Addresses:                     192.168.15.228    CLOUDDC1         PDC

                                                     192.168.15.229                                 PDC

Other Addresses:                          None

 

Connected AD LDAP Server:      \\clouddc2.cloudad.local

Preferred Addresses:                   None

Favored Addresses:                    192.168.15.229

                                                    clouddc2.cloudad.local

                                                    192.168.15.228

                                                    clouddc1.cloudad.local

Other Addresses:                        None

both Win cluster nodes uses currently these domain controllers

nicholaf
4,139 Views

What account is the snapdrive/snapmanager services running under itself? Go to Start>Run type in services.msc & hit enter. Right-click on the snapdrive/snapmanager services, go to properties, & click on the log on tab. Is it set to run under the local system account or the domain\service account?

Regards,

Nicholas Lee Fagan

INTERNOVUSBG
4,139 Views

Hi Nicholas,

both services are running under domain user account which is local admin for the both nodes and has admin permissions to the storage.
I know the user requirements for successful backups with Snapmanager for HyperV. I have successful installation for other branches and SMHV works fine there.

The problem here is about storage users. Despite of successful joining to the domain and that I can add/remove domain users in Netapp administrators group, for some reason these users doesn't works over the storage.

If i add local user in the administrators group, it can successfully login to the storage (by SSH for example). But domain users in the netapp administrators group doesn't works. I mean I can add domain users, netapp successfully can resolve it i the domain and add it in the group, but if I try to use domain user, it can't login to storage. The message is "Access Denied" which mean that user don't have properly permissions or doesn't exist.
I started to think that something wrong with my connection/authentication to the domain. i tried also with domain admins users, but no effect.

nicholaf
4,139 Views

Let's test the filer's connection to the domain controller. What is the output of the command 'cifs testdc CLOUDAD' ? Also, let's double-check to make sure the domain group has access privileges to the filer. Follow knowledgebase article:

https://kb.netapp.com/support/index?page=content&id=1011820&locale=en_US

Regards,

Nicholas Lee Fagan

Public