ONTAP Discussions

Any Reason Not to Lock the vsadmin Account?


Recently I've investigated ways to lock down access to our NetApp clusters and am currently looking at the vsadmin accounts in SVMs. We don't delegate duties at the SVM level, and we use a dedicated, limited 'snapcenter' account in SVMs that need SnapCenter connectivity. We still have a 'snapdrive' account as well for a handful of cdot systems we still need SnapDrive on.


With this in mind, is there any reason not to lock the vsadmin account to reduce the number of ways someone could log in? Any "gotchas" I'm not considering?



To elaborate a little:


The ONLY reason we still have SnapDrive is for LUN management (resizing, creation, etc.) on a handful of systems to get around SnapCenter bugs. We don't use it for backups. With that in mind I think we don't need vsadmin, especially since the snapdrive service account is a vsadmin level account. Any thoughts or suggestions?

NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.