- ONTAP 9.2
- ONTAP 9
- ONTAP 9.1
The procedure below lists the steps required to configure LDAP authentication for the cluster (admin) SVM on clustered Data ONTAP.
- This allows UNIX credentials stored in Windows AD LDAP to be used for administrative authentication (ssh, ontapi, web) to ONTAP.
- As this is an example, please make sure that the settings and values you use match your environment.
- This procedure was tested with ONTAP 9.x but is expected to work with prior versions of cDOT as well.
On the ONTAP side, make sure the configured schema and its attributes exactly reflect what is configured in the Active Directory schema. To do this, copy one of the read-only schemas and modify it appropriately.
LDAP schema configuration examples:
How to configure RFC 2307bis for Windows
How to set up and configure LDAP for Clustered Data ONTAP 8.x
If you are not sure about the AD schema details, please consult your Domain Admin. Alternatively, connect to Active Directory, open the "Active Directory Users and Groups" MMC snap-in, enable "Advanced Features" under the "View" menu, and examine the attributes for a user under "Properties > Attribute Editor".
For more information, best practices, or troubleshooting steps, please refer to:
Unified Windows and UNIX Authorization Using Microsoft Active Directory LDAP as a Directory Store
Secure Unified Authentication Kerberos, NFSv4, and LDAP in ONTAP