You want to configure Active Directory domain controller access for NetApp ONTAP cluster administration.
In this scenario, which two actions would accomplish this task? (Choose two.)
You want to configure Active Directory domain controller access for NetApp ONTAP cluster administration.
In this scenario, which two actions would accomplish this task? (Choose two.)
To configure Active Directory domain controller access for NetApp ONTAP cluster administration, you have two viable options. Firstly, if an SMB (CIFS) server has already been configured for a data SVM, you can set the SVM as a gateway or tunnel for Active Directory access to the cluster. This is accomplished by configuring an authentication tunnel through the existing CIFS SVM. Secondly, if no CIFS server exists for a data SVM, you can create a computer account on the domain for the SVM by using the 'vserver active-directory create' command for a non-CIFS SVM. These methods ensure that the appropriate authentication pathways are established for Active Directory integration.
https://docs.netapp.com/us-en/ontap/authentication/create-svm-computer-account-domain-task.html - You have an SVM with SMB configured already, tunnel through it -If you don't have an existing SMB SVM use the vserver active-directory create command
Configure Active Directory domain controller access overview You must configure AD domain controller access to the cluster or SVM before an AD account can access the SVM. If you have already configured a SMB server for a data SVM, you can configure the SVM as a gateway, or tunnel, for AD access to the cluster. If you have not configured a SMB server, you can create a computer account for the SVM on the AD domain. Create an SVM computer account on the domain If you have not configured a CIFS server for a data SVM, you can use the "vserver active-directory create" command to create a computer account for the SVM on the domain. https://docs.netapp.com/us-en/ontap/pdfs/sidebar/Configure_Active_Directory_domain_controller_access.pdf
should be C, D https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.pow-adm-auth-rbac%2FGUID-BC7B1934-DDE6-4AFB-A319-6C85D1ADACB6.html Configuring an authentication tunnel If you have already configured a CIFS server for a data SVM, you can use the security login domain-tunnel create command to configure the SVM as a gateway, or tunnel, for AD access to the cluster. Creating an SVM computer account on the domain If you have not configured a CIFS server for a data SVM, you can use the vserver active-directory create command to create a computer account for the SVM on the domain.
Read Caerfully https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.pow-adm-auth-rbac%2FGUID-BC7B1934-DDE6-4AFB-A319-6C85D1ADACB6.html it should be C and D
cluster1::> vserver active-directory create -vserver svm2_cluster1 -account-name cluster1 -domain demo.netapp.com Error: command failed: A CIFS server for this Vserver already exists. Having both a CIFS server and an Active Directory account for the same Vserver is not supported. Use the "vserver cifs delete" command to delete the existing CIFS server and try the command again. cluster1::>
B And C vserver active-directory is for CIFS SVM, not non-CIFS SVM
Sorry i was wrong. It's C & D You cannot run "vserver active-directory create" command on CIFS SVM. It should be on non-Cifs SVM
C/D https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.pow-adm-auth-rbac%2FGUID-BC7B1934-DDE6-4AFB-A319-6C85D1ADACB6.html
C & D: cluster1::> vserver active-directory create -vserver svm2_cluster1 -account-name cluster1 -domain demo.netapp.com Error: command failed: A CIFS server for this Vserver already exists. Having both a CIFS server and an Active Directory account for the same Vserver is not supported. Use the "vserver cifs delete" command to delete the existing CIFS server and try the command again. cluster1::>
Not a expert on AD but "ganaarya" is right and the question is not great.