Create a Kerberos realm
Suggest changes
PDFs
POST /protocols/nfs/kerberos/realms
Introduced In: 9.6
Creates a Kerberos realm.
Required properties
-
svm.uuidorsvm.name- Existing SVM on which to create the Kerberos realm. -
name- Base name for the Kerberos realm. -
kdc.vendor- Vendor of the Key Distribution Center (KDC) server for this Kerberos realm. If the configuration uses a Microsoft Active Directory domain for authentication, this field nust bemicrosoft. -
kdc.ip- IP address of the KDC server for this Kerberos realm.
Recommended optional properties
-
ad_server.name- Host name of the Active Directory Domain Controller (DC). This is a mandatory parameter if the kdc-vendor ismicrosoft. -
ad_server.address- IP address of the Active Directory Domain Controller (DC). This is a mandatory parameter if the kdc-vendor ismicrosoft.
Default property values
If not specified in POST, the following default property value is assigned:
-
kdc.port- 88
Related ONTAP commands
-
vserver nfs kerberos realm create
Learn more
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
return_records |
boolean |
query |
False |
The default is false. If set to true, the records are returned.
|
Request Body
| Name | Type | Description |
|---|---|---|
ad_server |
||
comment |
string |
Comment |
encryption_types |
array[string] |
|
kdc |
||
name |
string |
Kerberos realm |
svm |
Example request
{
"ad_server": {
"address": "1.2.3.4",
"name": "string"
},
"comment": "string",
"encryption_types": [
"string"
],
"kdc": {
"ip": "1.2.3.4",
"port": 88,
"vendor": "string"
},
"name": "string",
"svm": {
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}Response
Status: 201, CreatedHeaders
| Name | Description | Type |
|---|---|---|
Location |
Useful for tracking the resource location |
string |
Error
Status: DefaultONTAP Error Response codes
| Error codes | Description |
|---|---|
2949121 |
Active Directory server name required. |
2949122 |
Active Directory server address required |
2949123 |
Failed to create Kerberos realm. |
2949124 |
Failed to create hosts file entry. |
3276949 |
Kerberos realm creation failed. Reason: The parameters "ad_server.name" and "ad_server.address" are only valid when "kdc.vendor" is Microsoft |
3276976 |
"realm" is a required input |
3276998 |
Only the data Vservers can own NFS Kerberos realms. |
Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
ad_server
| Name | Type | Description |
|---|---|---|
address |
string |
Active Directory server IP address |
name |
string |
Active Directory server name |
kdc
| Name | Type | Description |
|---|---|---|
ip |
string |
KDC IP address |
port |
integer |
KDC port |
vendor |
string |
Key Distribution Center (KDC) vendor. Following values are suported:
|
svm
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
kerberos_realm
| Name | Type | Description |
|---|---|---|
ad_server |
||
comment |
string |
Comment |
encryption_types |
array[string] |
|
kdc |
||
name |
string |
Kerberos realm |
svm |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |