Re: Active Directory Domain Tunnel
As noted by @TMACMD,If you are on version 9.16, create a vserver. You can use:> vserver active-directory create -vserver vservername -account-name computername -domain domainl -ou CN=Computers
View ArticleRe: Active Directory Domain Tunnel
Not quite there yet. I've got 4 nodes to evict out of my cluster (currently on 9.11.1P10). Plan is to remove these nodes, upgrade my new controllers to the latest and greatest. Im just trying to find...
View ArticleRe: Active Directory Domain Tunnel
History. Historically, NetApp just did not allow it. The admin svm was the admin svm and you couldnt do anything else. The domain-tunnel was create a very long time ago, near the beginning of Clustered...
View ArticleRe: Active Directory Domain Tunnel
To add to this (and reduce concerns) the tunnel does *NOT* allow any AD user to log in. It only provides the mechanism to authenticate. User logins are still defined by adding security login users...
View ArticleRe: Active Directory Domain Tunnel
Thanks @parisi i personally dislike that document wording. you do not have to create a cifs enabled svmi personally create a vserver and remove all protocols. I then set up the networking and create an...
View ArticleONTAP Mediator 1.9.1 installation hangs on RHEL 8.2 (Azure VM) with "writing...
Hello, I am having installation hang problem while installing ONTAP Mediator 1.9.1How I try to install:Extracted installer archive /opt/ontap/and on /opt/ontap/ontap-mediator-1.9.1...
View ArticleRe: NetApp not recognizing disk shelves
The problem was that the disks were not correctly assigned to their respective nodes. I needed to boot into maintenance mode and then assign the disks correctly.
View ArticleRe: ONTAP Mediator 1.9.1 installation hangs on RHEL 8.2 (Azure VM) with...
Hi all,I'd like to share detailed findings and progress on the ONTAP Mediator 1.9.1 installation issue I previously posted about, where the installer was hanging indefinitely during RSA key generation...
View ArticleRe: Removing Nodes from Cluster
@TMACMD @donny_lang Thanks both for your replies. Today I have successfully removed 4 nodes out of our cluster leaving us with two full supported nodes awaiting an ONTAP Upgrade which I will look at...
View ArticleTrusted Certificate Authorities - admin - Expired
In ONTAP 9.13.1, in the Trusted Certificate Authorities, one of them is named "admin." I vaguely understand this to be a built-in cert, but it's expired. The scope is at the cluster level, so I'm...
View Articleroot vol missing and cannot be created
Hello Netapp World, I need you collective help regarding a Root Volume Recovery process. We have a bit old FAS8200, 9.3P1 that was powered off for a while. Recently it was powered on but neither of the...
View Article[QA]IdP configuration in CloudGate to enables SAML authentication when login...
Hi Experts, Could you help to confirm how can we configure claim rules in CloudGate to enable SAML authentication when login to ONTAP system manager?What is the pre-requisites? Thanks,Polar.
View ArticleRe: Trusted Certificate Authorities - admin - Expired
@MooreCE, From testing the Trusted Certificate Authority "admin" that has the Scope of "Cluster" and Type "Client CA" is created when an ONTAP cluster is connected to NetApp ActiveIQ Unified Manager....
View ArticleVolume access through different export policies
Hello, I have an SVM that has two volumes as assigned objects in it’s default export policyI need to give access to just one of the two volumes to another server. The environment is red hat 8 running...
View ArticleRe: Volume access through different export policies
@TimJMcCuen , Best to create a new export policy for your new host for the specific volume. Here’s a practical example of how to create an NFS export policy in NetApp ONTAP using the CLI. This...
View ArticleRe: Volume access through different export policies
Thank you for the response. When i added the second export policy with just my new server in I started getting access denied to servers in the original export policy. The original export policy has...
View ArticleRe: Volume access through different export policies
in this case you are going to need three export policies policy one will be a read only policy that lets everyone one, applied to the svm root policy two is for the volume that needs two hosts policy...
View ArticleONTAP System Manager Certificate
Hello, The certificate is going to be expired soon. We don't have a third party SSL. I have seen this issue before with the previous ONTAP. How do we update this certificate? Version: 9.14.1P6...
View ArticleRe: ONTAP System Manager Certificate
Hi there, the process for CLI and GUI is outlined at https://kb.netapp.com/on-prem/ontap/DM/System_Manager/SM-KBs/How_to_renew_an_ONTAP_selfsigned_certificate_via_System_Manager - please let us know if...
View ArticleRe: root vol missing and cannot be created
Hi there! Access Boot Menu: When prompted, you will see a menu with several options.Select Option (6): Choose "(6) Update flash from backup config." This option will restore the system configuration...
View Article