On 28.01.25 13:33, Alexander Bokovoy wrote:
On Аўт, 28 сту 2025, Ronald Wimmer via FreeIPA-users wrote:
In an enterprise environment like ours NetApp provides NFS shares. The
last time we tried to stitch IPA and NetApp together failed because
NetApp's admin software is tailored to Windows environments.
I think you need to look at Netapp's documents:
• TR-4067: Network File Systems (NFS) in NetApp ONTAP
• TR-4616: NFS Kerberos in ONTAP
• TR-4835: How to Configure LDAP in ONTAP
On top of that, please use ONTAP 9.11.1 or later, which supports what
they call "LDAP fast bind", which is just use of an LDAP BIND to
validate passwords of users. This does not require exposing access to
userPassword attribute in LDAP.
https://docs.netapp.com/us-en/ontap/nfs-admin/ldap-fast-bind-nsswitch-authentication-task.html
The documents mentioned above cover all details. In TR-4835
there are even screenshots of FreeIPA web UI to show how things work.
Is there any recent experience in this matter? Or should we file a
feature request for RedHat IDM?
I don't think there is anything we could do on FreeIPA side. NetApp can
already be configured to consume IPA users/groups.
Perfect! Thanks for the links to the NetAPP documents. We'll give it a try!
Cheers,
Ronald
--
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
