ONTAP Discussions

TrendMicroServerProtect connectivity issue between ONTAP 9.3



I have configured Trend Micro Server Protect for doing scan for one of the vserver. When I run scanning manually it is working, scan is doing well but scheduled work is giving error that antivirus user has security.invalid.login: Failed to authenticate login attempt with application ontapi.


ONTAP management LIFs for Polling tool also did not have any issues.


User is from domain and it has read-only privileges for whole cluster.


What can be the reason why it is working manually but not in schedule?


Re: TrendMicroServerProtect connectivity issue between ONTAP 9.3




In general, that error means the "The User does not have 'ontapi' application permissions to access storage systems".


Step 1 : I am guessing this is already in place ?
::> security login role create -vserver cluster -role network-readonly   -cmddirname "network interface" –access readonly

[The AV connector will connect to the cluster Mgmt interface to read out the LIFs that are active whithin the Storage Virtual Machine (SVM)]


Step 2 : Is the user given 'ontap' api access ?
cluster1::> security login create -vserver cluster1 -username <avconnect_user> -application ontapi -authmethod password

Also, could you ensure the prerequisite & best practices are followed as per this TR:


Page 17 & 18: Antivirus connector
Page 26: Add Privileged Users to Scanner Pool
Page 30: General best practices



Earn Rewards for Your Review!
GPI Review Banner
All Community Forums