ONTAP Discussions

TrendMicroServerProtect connectivity issue between ONTAP 9.3

Adam_storage
1,728 Views

Hello,

I have configured Trend Micro Server Protect for doing scan for one of the vserver. When I run scanning manually it is working, scan is doing well but scheduled work is giving error that antivirus user has security.invalid.login: Failed to authenticate login attempt with application ontapi.

 

ONTAP management LIFs for Polling tool also did not have any issues.

 

User is from domain and it has read-only privileges for whole cluster.

 

What can be the reason why it is working manually but not in schedule?

1 REPLY 1

Ontapforrum
1,708 Views

Hi,

 

In general, that error means the "The User does not have 'ontapi' application permissions to access storage systems".

 

Step 1 : I am guessing this is already in place ?
::> security login role create -vserver cluster -role network-readonly   -cmddirname "network interface" –access readonly

[The AV connector will connect to the cluster Mgmt interface to read out the LIFs that are active whithin the Storage Virtual Machine (SVM)]

 

Step 2 : Is the user given 'ontap' api access ?
cluster1::> security login create -vserver cluster1 -username <avconnect_user> -application ontapi -authmethod password


Also, could you ensure the prerequisite & best practices are followed as per this TR:
https://www.netapp.com/us/media/tr-4312.pdf

 

Page 17 & 18: Antivirus connector
Page 26: Add Privileged Users to Scanner Pool
Page 30: General best practices

 

Thanks!

Public