NetApp Community Update
This site will enter Read Only mode on July 23 as we prepare to move to a new platform. You will still be able to view content, but posting and replying will be temporarily disabled.
We're excited to launch our new Community experience on July 30 and more information will follow soon.
Stay connected during the transition - Join our Discord community today.

ONTAP Discussions

ad authentication with 8.3 problem

peter65
4,436 Views

Hi I have a 2 node cluster running one SVM with CIFS and NFS protocols with 8.3P1. I am trying to provide readonly access to a domain account however when the user logs in he will get an error displaying:

the server (displays cluster mgmt ip here)  at remote administration API support requires a username and password.

 

He entered it as domainname\username and his password and still no go.

 

This is what I did on the storage side:

 

enabled the tunnel 

then provided user with readonly access to cluster
security login create -vserver <name_of_cluster> -user domain\username -application http -authmethod domain -role readonly

 

I also performed the same command on the SVM as well and still no go. Any other hints tips or tricks?

3 REPLIES 3

peter65
4,422 Views

Argh I forgot  I have to add additional roles as well such as "ontapi". So I added http and ontapi with the role of 'readonly' and was able to login via the url. i tested by attempting to create and delet things and i got the message pop up saying i needed additional privs. so i suppose i solved it..  Unles sthere is something else I forgot..?

 

 

 

hadrian
4,377 Views

Hi Peter,

 

You are absolutely on the right track.  

 

When you mentioned "login via the url" - what URL is this read-only user attempting to reach?

 

Hadrian

peter65
4,351 Views

the url i am referring to is to the cluster_mgmt

 

http://cluster_name_here

 

or

 

https://cluster_name/sysmgr/SysMgr.html

 

Basically the cluster management lif

Public