I'm trying to set up AD authentication so that AD administrators can access the CLI and System Manager using their AD accounts
1. I've run CIFS setup and added a data SVM to AD, the SVM is called 'svm-hostname' and the computer account (CIFS server) is called 'hostname-cifs'
2. I've run the command >security login domain-tunnel create -vserver svm-hostname
3. I've then run the command '>security login create -vserver hostname -user-or-group-name "AD SEC GRP" -application ontapi -authentication-method domain -role admin'
4. I've repeated the above for ssh and http
hostname::> security login show
Vserver: hostname
Second
User/Group Authentication Acct Authentication
Name Application Method Role Name Locked Method
-------------- ----------- ------------- ---------------- ------ --------------
AD SEC GRP http domain admin - none
AD SEC GRP ontapi domain admin - none
AD SEC GRP ssh domain admin - none
admin console password admin no none
admin http password admin no none
admin ontapi password admin no none
admin service-processor
password admin no none
admin ssh password admin no none
autosupport console password autosupport no none
I've tried various ways of login in with my AD account but I still keep getting access denied - any ideas?
Is it because the AD computer name ('hostname-cifs') is different to the data svm ('svm-hostname')
Thanks