Skip to main content
NetApp Console setup and administration

User security

Contributors netapp-tonias
PDFs

Secure user access to your NetApp Console organization by managing member security settings. You can reset user passwords, manage multi-factor authentication (MFA), and recreate service account credentials.

Required access roles

Super admin, Org admin, or Folder or project admin (for folders and projects that they are administering). Link:reference-iam-predefined-roles.html[Learn about access roles].

Reset user passwords (local users only)

Org admins cannot reset user passwords for local users. However, they can instruct users to reset their own passwords.

Instruct a user to reset their password from the Console login page by selecting Forgot password?.

Note This option is not available for users in a federated organization.

Manage a user's multi-factor authentication (MFA)

If a user loses access to their MFA device, you can either remove or disable their MFA configuration.

Note Multi-factor authentication is only available for local users. Federated users cannot enable MFA.

Users must set up MFA again when they log in after removal. If the user temporarily loses access to their MFA device, they can use their saved recovery code to log in.

If they do not have their recovery code, temporarily disable MFA to allow login. When you disable MFA for a user, it is disabled for only eight hours and then re-enabled automatically. The user is allowed one login during that time without MFA. After the eight hours, the user must use MFA to log in.

Note To manage a user's multi-factor authentication, you must have an email address in the same domain as the affected user.
Steps

  1. Select Administration > Identity and access.

  2. Select Members.

    The Members table lists the members of your organization.

  3. From the Members page, navigate to a member in the table, select An icon that is three side-by-side dots and then select Manage multi-factor authentication.

  4. Choose whether to remove or to disable the user's MFA configuration.

Recreate the credentials for a service account

You can create new credentials for a service if you lose or need to update them.

Creating new credentials deletes the old ones. You cannot use the old credentials.

Steps

  1. Select Administration > Identity and access.

  2. Select Members.

  3. In the Members table, navigate to a service account, select An icon that is three side-by-side dots and then select Recreate secrets.

  4. Select Recreate.

  5. Download or copy the client ID and client secret.

    The Console shows the client secret only once. Make sure you copy or download it and store it securely.