Release notes
Administrator authentication and RBAC
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
Administrators use local or remote login accounts to authenticate themselves to the cluster and SVM. Role-Based Access Control (RBAC) determines the commands to which an administrator has access.
Authentication
You can create local or remote cluster and SVM administrator accounts:
-
A local account is one in which the account information, public key, or security certificate resides on the storage system.
-
A remote account is one in which account information is stored on an Active Directory domain controller, an LDAP server, or a NIS server.
Except for DNS, ONTAP uses the same name services to authenticate administrator accounts as it uses to authenticate clients.
RBAC
The role assigned to an administrator determines the commands to which the administrator has access. You assign the role when you create the account for the administrator. You can assign a different role or define custom roles as needed.
