Network and Storage Protocols

DMZ

alexgiles
4,436 Views

Is it possible to expose the netapp to a node that is not part of its registered domain?  For example:  I have DMZ servers that need to pull web updates from a Netapp share.  Is this possible?  Thank you

1 ACCEPTED SOLUTION

radek_kubka
4,436 Views

Hi & welcome to the communities!

Typically that can be handled in two ways:

1) on a clustered system each controller can join different domains (or only one can join a domain)

2) if this is a single-controller setup, or more granularity / domain joins are required, then MultiStore license will help - this can split a physical filer into multiple vFilers & each of them can join different domains

Regards,
Radek

View solution in original post

5 REPLIES 5

radek_kubka
4,437 Views

Hi & welcome to the communities!

Typically that can be handled in two ways:

1) on a clustered system each controller can join different domains (or only one can join a domain)

2) if this is a single-controller setup, or more granularity / domain joins are required, then MultiStore license will help - this can split a physical filer into multiple vFilers & each of them can join different domains

Regards,
Radek

reena
4,436 Views

Be careful about the clustered systems, it's not recommended for the failover reasons. If the 2 controllers are participating in different domains,  then during the failover, the taking over system won't be able to join the other domain.

Reena

radek_kubka
4,436 Views
If the 2 controllers are participating in different domains,  then during the failover, the taking over system won't be able to join the other domain.

And why is that?

Failed over controller exist as a virtual entity inside the other controller memory, so it still has its unique host name, separate CIFS server, different IP addresses, etc. - so IMHO it shouldn't be a problem.

Let me know if I am missing something.

Regards,
Radek

scottgelb
4,436 Views

It works to have different domains...  the partner does share some options, time, etc. in failover, but not domain settings... supported per the link below.

http://now.netapp.com/NOW/knowledge/docs/ontap/rel7261/html/ontap/cluster/failing_over/concept/c_oc_fo_aa-characteristics.html 

Characteristics of nodes in an active/active configuration

They can reside on the same Windows domain or on different domains.

reena
4,436 Views

OK.. sorry I missed that earlier. Earlier this was not the case, so seems like it is supported now. But as Radek had also pointed out towards the multistore option, that's an excellent feature to be able to join different Windows domains.

Public