ONTAP Discussions

SSH admin Login without password - Domain Group User


Hi there. I've reviewed the following link, but have a unique (surely not) problem.



My admin user account is part of an AD Admin Group, the GROUP has access to logon to the Cluster & we are not allowed to have individual account access. They want admin access controlled through the AD group. So thats all fine and works, but I want to setup key pair login with my AD authenticated account via SSH. The above article says I need my own individual account access on the cluster to upload my pub key.


I guess I'm wondering if my AD auth can be forwarded to either System Manager or my SSH session? OR how do I make SSH login work with a key pair while using an AD Group account? Hopefully that makes sense.





I tried running through your request in one my lab but i am not able to create either recommendation that you requesting.

I have shared below a TR regarding Multifactor Authentication in ONTAP that might be helpful:






Thanks for your efforts. I'm trying to log into the CLI without having to type a password. I have to log in to different clusters about 30 times a day. That's 30 times I need to type in a complex password.


I'm looking for a way to authenticate by passing through my already authenticated windows AD session... or any other way, like public/private key but it has to work with my account being part of an AD group. 


It seems ONTAP does not currently support this. Maybe a feature request? What about a tick box on the System Manager login page like vSphere has to use your current session credentials to authenticate?

NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner