ONTAP Discussions

About ONTAP Discussions
Discuss and ask questions about NetApp's Operating System, ONTAP, and its data protection features and plug-ins.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

About ONTAP Discussions
Discuss and ask questions about NetApp's Operating System, ONTAP, and its data protection features and plug-ins.

Ask A Question

Board Activity

andre_koch

Does ABE support widelinks?

HI there we just testing widelinks in conjunction wit abe enable shares. As soon we enable ABE, the access to widelink relocate does not work anymore. Error "Windows cannot access \\blabla\bla. Has anybody sucessful implemented widelink with ABE enabled shares?  ... View more
By Occasional ContributorONTAP Discussions 2 weeks ago
147 Views
0
4
edununes

ifgrp configurarion and Cisco Nexus w/VPC

I have an ifgrp created as follows where it is being connected to a Cisco Nexus using VPC, I would like to know what the balancing method should be configured in the Nexus LACP, understanding that it must be the same as this one in the Netapp "Port" put on Nexus several options of "port" causing me confusion for which the correct to ask the network team.   ifgrp create -node <node> -ifgrp a0a -distr-func port -mode multimode_lacp ... View more
By ContributorONTAP Discussions 11 hours ago
44 Views
0
1
swordfish

Intercluster traffic using specific interfaces

We have a source a a destination cluster. Both clusters have a single intercluster lif for each node as of now. They have existing cluster peers with some other existing clusters. We want to setup cluster peer between these two but we want to use new interfaces. We have a stretched L2 connectivity between the two and we want to utilize that. What would be the best approach to make sure that intercluster traffic between the two goes through the new lifs that we create and does not use the existing lifs. Both can reach each other on existing lifs as well. ... View more
By ContributorONTAP Discussions 10 hours ago
104 Views
0
7
netappmagic

Can I tell how much space being taken for SnapShots on Linux?

on Linux NFS file system, you can do "du .snapshots", but this is not the real space of how much SnapShot being used.  I can tell on NetApp filers.    Is there anyway I can tell on Linux? ... View more
By Frequent ContributorONTAP Discussions yesterday
122 Views
0
3
JonathanAlexander

ONTAP 9.8 simulator "LDAP not configured" even though ldap checks pass

We are relatively new to netapp on tap and have been trying to configure LDAP (FreeIPA LDAP) on the ONTAP 9.8 simulator to allow LDAP users to login to the admin ssh.   So far we have followed this documentation to create the client config and associate it with the cluster server, adding the addition auth methods to the ns-switch configuration, and adding the user to the security login configuration with the ldap application and nsswitch auth method.   https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.pow-adm-auth-rbac%2FGUID-21B12DB3-AE7D-447C-A9AC-77D7D260685A.html&lang=en However we still are unable to authenticate with an ldap user to a ssh session to the management port.  This is what the event log shows:   4/10/2021 00:42:43 node-01 NOTICE sshd.auth.loginDenied: message="Failed keyboard-interactive / pam for testuser1 from 172.16.239.1 port 53673 ssh2 " 4/10/2021 00:38:28 node-01 DEBUG secd.unexpectedFailure: vserver (Cluster) Unexpected failure. Error: Ldap Get full user info procedure failed **[ 0] FAILURE: 'Ldap' configuration not available   Client Configuration, check, nsswitch and security login:   node::vserver services name-service ldap> show Client Vserver Configuration -------------- ------------- node node node::vserver services name-service ldap client> show Client LDAP Active Directory Minimum Vserver Configuration Servers Domain Schema Bind Level ------- ------------- --------------- ----------------- ----------- ---------- node node 172.16.239.12 - RFC-2307 simple node::vserver services name-service ldap> check -vserver node Vserver: node Client Configuration Name: node LDAP Status: up LDAP Status Details: Successfully connected to LDAP server "172.16.239.12". LDAP DN Status Details: All the configured DNs are available. node::security login> show Vserver: node Second User/Group Authentication Acct Authentication Name Application Method Role Name Locked Method -------------- ----------- ------------- ---------------- ------ -------------- admin console password admin no none admin http password admin no none admin ontapi password admin no none admin service-processor password admin no none admin ssh password admin no none autosupport console password autosupport no none testuser1 ssh nsswitch admin - none node::vserver services name-service ns-switch> show Source Vserver Database Order --------------- ------------ --------- node hosts files, dns node group files node passwd files, ldap svm0 hosts files, dns svm0 group files svm0 passwd files svm0 netgroup files svm0 namemap files 8 entries were displayed.   running the access-check it certainly appears that it can query for the user and get the correct response (verified with ldapsearch on the ldap server).   node::vserver services*> access-check authentication show-ontap-admin-unix-creds -vserver node -unix-user-name testuser1 User Id: 1896000001 Group Id: 1896000001 Home Directory: Login Shell: /bin/sh   We are wondering if the default schema  RFC 2307 supports the  FreeIPA centos 8 identity manager default configuration, or if we need to specify specific LDAP attributes for it to use during authentication...  Any help or suggestions are appreciated ... View more
By ContributorONTAP Discussions yesterday
189 Views
0
6
More
Earn Rewards for Your Review!
GPI Review Banner
All Community Forums
Learn about the Community Get Started
Still have Questions Start a Discussion
Rules of the Community Read More
© 2021 NetApp
Let us know
Public