ONTAP Discussions

TrendMicroServerProtect connectivity issue between ONTAP 9.3

Adam_storage

Hello,

I have configured Trend Micro Server Protect for doing scan for one of the vserver. When I run scanning manually it is working, scan is doing well but scheduled work is giving error that antivirus user has security.invalid.login: Failed to authenticate login attempt with application ontapi.

 

ONTAP management LIFs for Polling tool also did not have any issues.

 

User is from domain and it has read-only privileges for whole cluster.

 

What can be the reason why it is working manually but not in schedule?

1 REPLY 1

Ontapforrum

Hi,

 

In general, that error means the "The User does not have 'ontapi' application permissions to access storage systems".

 

Step 1 : I am guessing this is already in place ?
::> security login role create -vserver cluster -role network-readonly   -cmddirname "network interface" –access readonly

[The AV connector will connect to the cluster Mgmt interface to read out the LIFs that are active whithin the Storage Virtual Machine (SVM)]

 

Step 2 : Is the user given 'ontap' api access ?
cluster1::> security login create -vserver cluster1 -username <avconnect_user> -application ontapi -authmethod password


Also, could you ensure the prerequisite & best practices are followed as per this TR:
https://www.netapp.com/us/media/tr-4312.pdf

 

Page 17 & 18: Antivirus connector
Page 26: Add Privileged Users to Scanner Pool
Page 30: General best practices

 

Thanks!

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

Public