Solved: Netapp cdot 8.3 AV Connector Install

Singhz · ‎2016-04-21

Hi

Trying to install the Netapp AV Connector in CDOT 8.3 but i keep getting "Access is Denied" when i provide credentials on the "ONTAP AV Connectr Web Service Credentials" page.

Installing on a Windows 2012R2 server vm, all pre reqs installed.

The account i am using is a domain account. It is part of the Local Administrators group on the VM that i'm installing the connector on.

Where am i going wrong....???? Any help will be much appreciated.

john_higgins · ‎2016-11-25

Have to run installation as Administrator.

View solution in original post

Sahana · ‎2016-04-21

Hi

Refer Kb 2018449 Troubleshooting Workflow: Clustered Data ONTAP Antivirus Connector (Offbox\Offboard AV) <requires login>, section Cause 3- Scanner pool configuration does not specify the vscanner IPs and/or users in the allowed list, or are input incorrectly, or are not active at the moment

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

NAYABSK · ‎2016-04-21

Hi Singh,

May i know the version of AV you are trying to install also is the windows 2012 is DC version or ENTERPRISE version

Is SMB 2 is enabled on Windows 2012 ?

.Net 3 Installed ?

Thanks,

Nayab

Singhz · ‎2016-04-22

Hi

Many thanks for replying. Would be handy if i could access the knowledgebase, keeps requesting a login, using one to which the equipment is linked to but still saying unauthorised. If you can, please can you post the contents of the KB within this forum.

As for the other questions, i am running 2012 R2 Enterprise, SMB 2.0 is enabled, .net 3.0 is installed. Am setting this up for Sophos AV.

Thanks in advance

Sahana · ‎2016-04-24

Run the vserver vscan scanner-pool show –vserver <vserver_name> command and verify if a scanner pool exists for the Vserver. If it exists, verify if you also have the correct IP of the Vscan and privileged user. Ensure that privileged user name for scanner-pool is exact match to domain user name. If the active scanner pool configuration is empty (or does not include the required scanner pool), then activate one or more scanner pools by marking those primary/secondary as required.

vserver vscan scanner-pool apply-policy -vserver vserver_1 -scanner-pool SP1 -scanner-policy primary

To add a privileged user-
vserver vscan scanner-pool privileged-users add -vserver vserver_1 -scanner-pool SP1 -privileged-users rtp2k3dom\administrator
To add the vscanner IP-
vserver vscan scanner-pool modify -vserver vserver_1 -scanner-pool SP1 -servers <ip address>

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Singhz · ‎2016-07-04

Sorry for the late reply. For the benefit of others this was solved by copying the connector install to the local server / vm and using the local admin account to do the install.

Thanks

JulianFranchi · ‎2016-11-15

Thank you, it worked for me. Its only a Windows issue.

Richard_S · ‎2016-07-13

Hi Guys, the OPs problem relates to installing the NetApp AV connector on the Windows host. This is waaay before the AV connector is trying to talk to cDOT and any SVMs. So the cDOT-side config for scanner-pools etc. is not relevant to this problem. For this problem it's purely a Windows OS/security issue with which accounts can install software and which accounts can be used as service-accounts.

Cheers, RS

john_higgins · ‎2016-11-25

Have to run installation as Administrator.