Skip to main content
NetApp Knowledge Base

Search

  • Filter results by:
    • View attachments
    Searching in
    About 10 results
    • Is it possible to use MFA for Cloud Manager login?
      https://kb.netapp.com/Cloud/BlueXP/Cloud_Manager/Is_it_possible_to_use_MFA_for_Cloud_Manager_login
      Applies to NetApp BlueXP NetApp Cloud Manager (connector) Multifactor Authentication (MFA) Federated access Answer When utilizing federated access, you can add MFA (at your company’s discretion) for h...Applies to NetApp BlueXP NetApp Cloud Manager (connector) Multifactor Authentication (MFA) Federated access Answer When utilizing federated access, you can add MFA (at your company’s discretion) for heightened security. For instructions see Federation Support Additional Information
    • Error while retrieving volumes for working environment
      https://kb.netapp.com/Cloud/BlueXP/Cloud_Manager/Error_while_retrieving_volumes_for_working_environment
      Applies to NetApp Cloud Manager NetApp Cloud Volumes ONTAP (CVO) Microsoft Azure Issue When trying to enter a WorkingEnvironment, the following error is displayed in Cloud Manager: An error occurred w...Applies to NetApp Cloud Manager NetApp Cloud Volumes ONTAP (CVO) Microsoft Azure Issue When trying to enter a WorkingEnvironment, the following error is displayed in Cloud Manager: An error occurred while retrieving volumes for working environment ABCD_123_01: This request is not authorized to perform this operation.
    • UIT STO TLS1.2 AUDIT
      https://kb.netapp.com/Cloud/Cloud_Volumes_ONTAP/UIT_STO_TLS1.2_AUDIT
      Applies to Cloud Volumes ONTAP (CVO) Microsoft Azure Microsoft Defender for Storage Security recommendations Issue Microsoft Defender for Storage gives these recommendations regarding CVO: UIT-STO-TLS...Applies to Cloud Volumes ONTAP (CVO) Microsoft Azure Microsoft Defender for Storage Security recommendations Issue Microsoft Defender for Storage gives these recommendations regarding CVO: UIT-STO-TLS1.2-AUDIT Storage account should use a private link connection Storage account should restrict network access using virtual network rules Storage account public access should be disallowed Access to storage accounts with firewall and virtual network configurations should be restricted
    • Security scanner found Jetty vulnerability 9.2.13 in Cloud Manager 3.9.1 build 1
      https://kb.netapp.com/Cloud/BlueXP/Cloud_Manager/Security_scanner_found_Jetty_vulnerability_9.2.13_in_Cloud_Manager_3.9.1_build_1
      Applies to Cloud Manager Jetty vulnerability Issue Security scanner is flagging a Jetty vulnerability for 9.2.13 used for Cloud Manager. Example: QID 13181 - Eclipse Jetty Multiple Vulnerabilities det...Applies to Cloud Manager Jetty vulnerability Issue Security scanner is flagging a Jetty vulnerability for 9.2.13 used for Cloud Manager. Example: QID 13181 - Eclipse Jetty Multiple Vulnerabilities detected on port 443 - Jetty(9.2.13.v20150730) Eclipse Jetty is a Java HTTP server and Java Servlet container. While Web Servers are usually associated with serving documents to people, Jetty is now often used for machine to machine communications, usually within larger software frameworks.
    • How to create a secondary cluster admin in CVO for security hardening
      https://kb.netapp.com/Cloud/Cloud_Volumes_ONTAP/How_to_create_a_secondary_cluster_admin_in_CVO_for_security_hardening
      Applies to NetApp Cloud Volumes ONTAP (CVO) ONTAP security hardening As per TR-4569, it is recommended to create replacements with least privilege, for built-in users that otherwise cannot be removed ...Applies to NetApp Cloud Volumes ONTAP (CVO) ONTAP security hardening As per TR-4569, it is recommended to create replacements with least privilege, for built-in users that otherwise cannot be removed and should be locked In CVO, the default built-in admin account is used to discover the WorkingEnvironment in Cloud Manager. As Cloud Manager will use REST API to communicate with the CVO and perform management tasks, it is crucial that the necessary roles and applications are retained
    • Is there a default set of ACLs that is always unconditionally applied to directories copied by robocopy?
      https://kb.netapp.com/on-prem/ontap/da/NAS/NAS-KBs/Is_there_a_default_set_of_ACLs_that_is_always_unconditionally_applied_to_directories_copied_by_robocopy
      Applies to ONTAP 9 Robocopy CIFS Access Control List (ACL) Answer No, there is no such a default set of ACL. Additional Information additionalInformation_text
    • Does System Manager update changes to password policy?
      https://kb.netapp.com/on-prem/ontap/DM/System_Manager/SM-KBs/Does_System_Manager_update_changes_to_password_policy
      Applies to ONTAP System Manager (OSM) System Manager 9.8 Answer System Manager 9.8 UI check for password length does not update changes to password policy Remove password validity check in System Mana...Applies to ONTAP System Manager (OSM) System Manager 9.8 Answer System Manager 9.8 UI check for password length does not update changes to password policy Remove password validity check in System Manager UI as these can be changed in ONTAP by user from CLI, as per their organization policy. security login role config modify Enabling or disabling required password complexity for local SMB users Additional Information Please contact your NetApp or partner team for roadmap information
    • Enabling security encryption on a StorageGRID Appliance fails
      https://kb.netapp.com/hybrid/StorageGRID/Platforms/Enabling_security_encryption_on_a_StorageGRID_Appliance_fails
      StorageGRID Appliance with FDE capable disks Enabling encryption on a diskpool/volume group produces the error: The operation cannot complete because security is disabled for the SSD cache. Attempting...StorageGRID Appliance with FDE capable disks Enabling encryption on a diskpool/volume group produces the error: The operation cannot complete because security is disabled for the SSD cache. Attempting to enable encryption on SSD cache produces the error: You cannot enable security on SSD Cache after it has been created. You can only enable security for SSD Cache during creation. Customer is trying to enable encryption after moving to production. Customer data has already been ingested.
    • Disks not getting encrypted when using CMEK in GCP
      https://kb.netapp.com/Cloud/BlueXP/Cloud_Manager/Disks_not_getting_encrypted_when_using_CMEK_in_GCP
      Error:Operation Deploy failed with error Error: Code: RESOURCE_ERROR Target: /deployments/gcpcvo-deployment/resources/gcpcvo-disk-xxyyzz Message: {"ResourceType":"compute.v1.disk","ResourceErrorCode":...Error:Operation Deploy failed with error Error: Code: RESOURCE_ERROR Target: /deployments/gcpcvo-deployment/resources/gcpcvo-disk-xxyyzz Message: {"ResourceType":"compute.v1.disk","ResourceErrorCode":"400","ResourceErrorMessage":{"code":400,"errors":[{"domain":"global","message":"Cloud KMS error when using key projects/project-cvo/locations/gcp-region/keyRings/mykeyring/cryptoKeys/key: Permission 'cloudkms.cryptoKeyVersions.useToEncrypt' denied on resource 'projects/project-cvo/locations/gcp-re…
    • Security scanner reports that DB2 component of OnCommand Insight Data Warehouse is listening on an externally accessible interface
      https://kb.netapp.com/data-mgmt/OCI_Kbs/Security_scanner_reports_that_DB2_component_of_OnCommand_Insight_Data_Warehouse_is_listening_on_an_externally_accessible_interface
      Applies to OnCommand Insight Data Warehouse (DWH) Issue A security scanner reports that the DB2 component of OnCommand Insight Data Warehouse is listening on a network interface that is externally acc...Applies to OnCommand Insight Data Warehouse (DWH) Issue A security scanner reports that the DB2 component of OnCommand Insight Data Warehouse is listening on a network interface that is externally accessible.