Skip to main content
NetApp Knowledge Base

How to use a (g)MSA for ONTAP antivirus services

Views:
139
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9
  • (Group) Managed Service Account ((g)MSA)
  • ONTAP antivirus (AV) services

Description

  • A (g)MSA can be used for ONTAP antivirus (AV) services as a normal domain user account
  • If a (g)MSA (machine account) is used, it will be treated as a NULL user (ANONYMOUS LOGON) during authentication
  • If access to a NULL user for authentication is not granted, access will be denied and below events are reported in the Security Daemon (SECD):

Treating machine account '...$' as a NULL user
Attempting to map name ANONYMOUS LOGON
RESULT_ERROR_SECD_DOMAIN_NAME_NOT_SET
Attempting to map name ANONYMOUS LOGON
RESULT_ERROR_SECD_IN_DISCOVERY
RESULT_ERROR_GENERAL_INVALID_PTR
Trying to map 'ANONYMOUS LOGON' to UNIX user 'pii_encrypt/.../pii_encrypt' using implicit mapping
Get UserId and Group Id for UserName = anonymous logon
RESULT_ERROR_SECD_USER_NOT_FOUND
Unable to map Windows Anonymous user. Mapping to UNIX user 'pii_encrypt/.../pii_encrypt'

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device