On Аўт, 28 сту 2025, Ronald Wimmer via FreeIPA-users wrote:
In an enterprise environment like ours NetApp provides NFS shares. The last time we tried to stitch IPA and NetApp together failed because NetApp's admin software is tailored to Windows environments.
I think you need to look at Netapp's documents: • TR-4067: Network File Systems (NFS) in NetApp ONTAP • TR-4616: NFS Kerberos in ONTAP • TR-4835: How to Configure LDAP in ONTAP On top of that, please use ONTAP 9.11.1 or later, which supports what they call "LDAP fast bind", which is just use of an LDAP BIND to validate passwords of users. This does not require exposing access to userPassword attribute in LDAP. https://docs.netapp.com/us-en/ontap/nfs-admin/ldap-fast-bind-nsswitch-authentication-task.html The documents mentioned above cover all details. In TR-4835 there are even screenshots of FreeIPA web UI to show how things work.
Is there any recent experience in this matter? Or should we file a feature request for RedHat IDM?
I don't think there is anything we could do on FreeIPA side. NetApp can already be configured to consume IPA users/groups. -- / Alexander Bokovoy Sr. Principal Software Engineer Security / Identity Management Engineering Red Hat Limited, Finland -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
