Hi

Refer Kb 2018449 Troubleshooting Workflow: Clustered Data ONTAP Antivirus Connector (Offbox\Offboard AV)  <requires login>, section Cause 3- Scanner pool configuration does not specify the vscanner IPs and/or users in the allowed list, or are input incorrectly, or are not active at the moment

Hi Singh, 

May i know the version of AV you are trying to install also is the windows 2012 is DC version or ENTERPRISE version

Is SMB 2 is enabled on Windows 2012 ?

.Net 3 Installed ?

Thanks,

Nayab

Hi

Many thanks for replying. Would be handy if i could access the knowledgebase, keeps requesting a login, using one to which the equipment is linked to but still saying unauthorised. If you can, please can you post the contents of the KB within this forum.

As for the other questions, i am running 2012 R2 Enterprise, SMB 2.0 is enabled, .net 3.0 is installed. Am setting this up for Sophos AV.

Thanks in advance

Run the vserver vscan scanner-pool show –vserver <vserver_name> command and verify if a scanner pool exists for the Vserver. If it exists, verify if you also have the correct IP of the Vscan and privileged user. Ensure that privileged user name for scanner-pool is exact match to domain user name. If the active scanner pool configuration is empty (or does not include the required scanner pool), then activate one or more scanner pools by marking those primary/secondary as required.

vserver vscan scanner-pool apply-policy -vserver vserver_1 -scanner-pool SP1 -scanner-policy primary

To add a privileged user-
vserver vscan scanner-pool privileged-users add -vserver vserver_1 -scanner-pool SP1 -privileged-users rtp2k3dom\administrator
To add the vscanner IP-
vserver vscan scanner-pool modify -vserver vserver_1 -scanner-pool SP1 -servers <ip address>

Sorry for the late reply. For the benefit of others this was solved by copying the connector install to the local server / vm and using the local admin account to do the install.

Thanks

Hi Guys, the OPs problem relates to installing the NetApp AV connector on the Windows host. This is waaay before the AV connector is trying to talk to cDOT and any SVMs. So the cDOT-side config for scanner-pools etc. is not relevant to this problem. For this problem it's purely a Windows OS/security issue with which accounts can install software and which accounts can be used as service-accounts.

Cheers, RS

Thank you, it worked for me. Its only a Windows issue.