ONTAP Discussions

ad authentication with 8.3 problem

peter65

Hi I have a 2 node cluster running one SVM with CIFS and NFS protocols with 8.3P1. I am trying to provide readonly access to a domain account however when the user logs in he will get an error displaying:

the server (displays cluster mgmt ip here)  at remote administration API support requires a username and password.

 

He entered it as domainname\username and his password and still no go.

 

This is what I did on the storage side:

 

enabled the tunnel 

then provided user with readonly access to cluster
security login create -vserver <name_of_cluster> -user domain\username -application http -authmethod domain -role readonly

 

I also performed the same command on the SVM as well and still no go. Any other hints tips or tricks?

3 REPLIES 3

peter65

Argh I forgot  I have to add additional roles as well such as "ontapi". So I added http and ontapi with the role of 'readonly' and was able to login via the url. i tested by attempting to create and delet things and i got the message pop up saying i needed additional privs. so i suppose i solved it..  Unles sthere is something else I forgot..?

 

 

 

hadrian

Hi Peter,

 

You are absolutely on the right track.  

 

When you mentioned "login via the url" - what URL is this read-only user attempting to reach?

 

Hadrian

peter65

the url i am referring to is to the cluster_mgmt

 

http://cluster_name_here

 

or

 

https://cluster_name/sysmgr/SysMgr.html

 

Basically the cluster management lif

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public