vserver active-directory create
Create an Active Directory account. If joining a domain, this command may take several minutes to complete.
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The vserver active-directory create
command creates an Active Directory account for a Vserver. When you create the Active Directory account, you must add it to an existing Windows Active Directory domain. When you enter this command, you are prompted to provide the credentials of a user account that has sufficient privileges to add computers to the -ou
container within the -domain
domain. The user account must have a password that cannot be empty. When joining a domain, this command may take several minutes to complete.
Each Vserver can have only one Active Directory account. |
Parameters
-vserver <vserver>
- Vserver-
This parameter specifies the name of the Vserver for which you want to create the Active Directory account. The Vserver must already exist.
-account-name <NetBIOS>
- Active Directory NetBIOS Name-
This parameter specifies the name of the Active Directory account (up to 15 characters).
-domain <TextNoCase>
- Fully Qualified Domain Name-
This parameter specifies the name of the Active Directory domain.
[-ou <text>]
- Organizational Unit-
This parameter specifies the organizational unit within the Active Directory domain. By default, this parameter is set to
CN=Computers
. When specifying this parameter, specify only the organizational unit portion of the distinguished name. Data ONTAP appends the value provided for the required-domain
parameter onto the value provided for–ou
parameter to produce the Active Directory distinguished name, which is used when creating the Vserver’s Active Directory account in the domain.Nested OUs must be provided in a specific order with all containers separated by a comma. Reading from left to right you travel up the directory tree until you reach the root OU.
Examples
The following example creates an Active Directory account ADSERVER1
for Vserver vs1
and domain example.com
.
cluster1::> vserver active-directory create -vserver vs1 -account-name ADSERVER1 -domain example.com In order to create an Active Directory machine account, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=Computers" container within the "example.com" domain. Enter the user name: Administrator Enter the password:
The following example creates an Active Directory account ADSERVER2
for Vserver vs2
, domain example.com
and organizational unit sample_ou
.
cluster1::> vserver active-directory create -vserver vs2 -account-name ADSERVER2 -domain example.com -ou OU=sample_ou In order to create an Active Directory machine account, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "OU=sample_ou" container within the "example.com" domain. Enter the user name: Administrator Enter the password:
The following example creates an Active Directory account ADSERVER2
for Vserver vs2
, domain example.com
and nested organizational unit OU=developers,OU=engineering,OU=corp
.
cluster1::> vserver active-directory create -vserver vs2 -account-name ADSERVER2 -domain example.com -ou OU=developers,OU=engineering,OU=corp In order to create an Active Directory machine account, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "OU=developers,OU=engineering,OU=corp" container within the "example.com" domain. Enter the user name: Administrator Enter the password: