Unable to login to the ONTAP CLI and System Manager using an AD domain accounts

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 147

Visibility:: Public

Votes:: 0

Category:: ontap-system-manager

Specialty:: om

Last Updated:

Applies to

ONTAP 9.
ONTAP System Manager.
Active Directory (AD).

Issue

When attempting to login to the ONTAP CLI and System Manager using an AD
domain accounts, the following error is received:

"Sign-in has failed. Verify the username and password and try again".

Username and password are correct, but authentication failure is shown.
Users are configured with appropriate applications.
The following messages are recorded in Audit log and MGWD log.

Audit logs:

[kern_audit:info:3359] 8503e8000002f625 :: NETAPP-CLUSTER:http :: XXX.XXX.XXX.XXX:10159 :: NETAPP-CLUSTER:admin@businessdomain.com :: Login Attempt :: Error: Authentication failed. [kern_audit:info:8959] 8503e8000002f625 :: NETAPP-CLUSTER:http :: XXX.XXX.XXX.XXX:10159 :: NETAPP-CLUSTER:admin@businessdomain.com :: POST /security/login HTTP/1.1 : ["X-Dot-Client-App: SMv4"] :: Error: 401 Unauthorized

MGWD:

[kern_mgwd:info:3359] 0x836024900: 0: ERR: PAM::PASSWD: doLocalUserAuth:src/pam/pam_passwd.cc:892 Error: admin@businessdomain.com entry does not exist in login table. Application: http: vserverId: 45855170: username: admin@businessdomain.com Authmethod: password. Reason: entry doesn't exist [kern_mgwd:info:3359] 0x836024900: 0: ERR: PAM::PASSWD: pam_sm_authenticate: passwd comparison failed for user(admin@businessdomain.com). [kern_mgwd:info:3359] Error: PAM failed to authenticate user 'admin@businessdomain.com', application 'http', vserver 4294967295: Permission denied