Preparation for Scanning Clustered Data ONTAP (cDOT)
StorageGuard collects configuration data from NetApp cDOT storage system by connecting them using HTTP or HTTPS and issuing read-only commands using the NetApp ZAPI API.
The following table lists the requirements for scanning clustered ONTAP systems:
# | Description |
1 | Provide the Name or IP address of each NetApp Cluster. |
2 | Provide a user account (and password) for each NetApp cluster. |
3 |
The user account should be assigned with a role that enables running all (read-only) “show” API calls. Examples of (read-only) “show” commands used:
|
4 | Verify that IP connectivity through HTTP (default is port 80) or HTTPS (default is port 443) is available between the StorageGuard server and each NetApp cluster. |
Creating a User Account for Scanning Clustered Data ONTAP (cDOT)
The following suggested method can be used to create a user account with appropriate privileges:
CLI
security login role create -role cntsw -cmddirname "DEFAULT" -access readonly
security login create -username cntuser -application ontapi -authmethod password -role cntsw
UI
- Under Cluster, Select Settings.
- In the main pane, select Security – User and Roles.
- Under Users, click Add.
- Enter the username and select the Readonly.
- Under application, select ONTAPI.
- Under Authentication, select Password.
- Enter the password for the user and Click Save.
NOTE: In addition to scanning the ONTAP system, StorageGuard can also scan NetApp Active IQ Unified Manager application by running read-only API queries on port 443 with a read-only user.
Comments
0 comments
Please sign in to leave a comment.