Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Windows 2016 ldap authentication for cluster administration
2023-01-19
08:17 PM
2,757 Views
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
May we know Windows 2016 or above ldap support authentication for cluster administration (not for NAS multiprotocol, just for LDAP auth login Cluster admin?
If support, what Attributes must define in Windows 2016 LDAP? e.g. uid, gid, unixhomeDirectory, loginshell, unixUserPassword......
appreciate if anyone can provide answer
Solved! See The Solution
1 ACCEPTED SOLUTION
chinchillaking has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Probably way easier to set up a CIFS domain tunnel for this:
https://docs.netapp.com/us-en/ontap/authentication/configure-authentication-tunnel-task.html
Otherwise, ONTAP does support LDAP for cluster admin auth, but with Windows LDAP it gets a little tricky due to the password hashes being handled a bit differently. You'll likely have to manually enter a password in the account's unixuserPassword field.
5 REPLIES 5
chinchillaking has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Probably way easier to set up a CIFS domain tunnel for this:
https://docs.netapp.com/us-en/ontap/authentication/configure-authentication-tunnel-task.html
Otherwise, ONTAP does support LDAP for cluster admin auth, but with Windows LDAP it gets a little tricky due to the password hashes being handled a bit differently. You'll likely have to manually enter a password in the account's unixuserPassword field.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Parisi,
Thanks for your info, after setup unixuserPassword, it works
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi chinchillaking, please, how you set unixuserPassword?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Guedes,
Microsoft deprecation of Identity Management for Unix (IDMU) & NIS Server Role in Windows Server 2016.
Use temp Windows 2012 install IDMU, NIS server role and Password Synchronization, then reset temp user password in Windows 2012 AD, it will auto gen unixuserPassword, copy the hex value and recreate in Windows 2016 user account, it work.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi chinchillaking! Thanks for this workaround! I acctually was able to hash by other means: perl -e 'print crypt("password", "salt"),"\n"'
Just text > hex and then paste the value for the attribute. This site do text > hex:
https://www.rapidtables.com/convert/number/ascii-to-hex.html
It works and don´t need a temp environment to generate those hashed passwords.