Skip to main content
NetApp Knowledge Base

SAML setup and troubleshooting in Active IQ Unified Manager

Views:
442
Visibility:
Public
Votes:
0
Category:
active-iq-unified-manager
Specialty:
om
Last Updated:

Applies to

  • Active IQ Unified Manager 7.3 (9.3) and above
  • Security Assertion Markup Language (SAML)

Description

Beginning with NetApp® ONTAP® 9.3, NetApp is addressing MFA (Multifactor Authentication) requirement for web authentication in OnCommand Unified Manager (OCUM) or Active IQ Unified Manager.

Security Assertion Markup Language (SAML) 2.0 is a widely adopted industry standard that allows any third-party SAML-compliant identity provider (IdP) to perform MFA using mechanisms unique to the IdP of the enterprise’s choosing and as a source of single sign-on (SSO).  

There are three roles defined in the SAML specification:

  1. The principal
  2. The IdP (identity provider)
  3. The service provider (SP).

In this implementation, a principal is the cluster administrator gaining access to ONTAP through OCUM. The IdP is third-party IdP software from an organization such as Microsoft Active Directory Federated Services (ADFS) or the open-source Shibboleth IdP. The SP (service provider) is the SAML capability built into OCUM web application.

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support