Solved: SNMP v3 configuration

not_a_Lone_wolf · ‎2020-11-18

Hi Team. I am trying to configure SNMPv3 on cluster using ONTAP 9 SNMP Configuration Express Guide. I havd added v3 user. However, the default community user 'public' still exists as seen below:

Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
general snmp usm readonly - none
public snmp community readonly - none
2 entries were displayed.

Do I need to disable/delete the 'public' user?

ttran · ‎2020-11-26

Hello Not_a_Lone_wolf,

You can "disable" the account by removing all privileges for the user by changing the "role" to "none" using the command:

::> security login modify -user-or-group-name public -role none -application snmp -authentication-method community

Here is a reference document to change the role:

Security Login Modify

As long as you have an SNMPv3 user-created, which it looks like you have with user "general", deleting the user public won't impact SNMPv3.

Here is also a KB with more details on configuring SNMPv3:

How to enable SNMP v3 in ONTAP 9

Regards,

Team NetApp

View solution in original post

Mjizzini · ‎2020-11-18

If you are not using it, i dont see a reason to not delete it or leaving it as is.

not_a_Lone_wolf · ‎2020-11-18

Hi @Mjizzini Thanks a lot for your guidance. So is it a way to disable that account instead of deleting it? Also, if the account is not deleted, would it impact the SNMPv3?

ttran · ‎2020-11-26