Is it obligatory that NetApp cluster is joined to an Active Directory Domain?
Applies to
- ONTAP 9
- CIFS/SMB
- Virtual Machines (vms)
Answer
- No, it is not obligatory that the NetApp cluster is joined to a domain
Example: If a customer has several Windows vms that are joined in domain X. Domain X is under the administration of the end customer and you do not have direct access to it, but have administrative access to the Windows vms and manage them
- It is best practice to join the SVM to the domain
-
This would allow the Windows VMs to authenticate against the domain when accessing the shares
-
The NetApp cluster would then rely on the customer's domain controllers for authentication and authorization
-
- Workgroup mode can be used as well
- This requires you to manage the local accounts and permissions and you cannot use domain accounts for permissions on the files
- The Windows VMs would need to provide the appropriate credentials when accessing the shares