TECH::July 2015 update to TR-4073 (the NetApp NFS Kerberos/LDAP manifesto)

It’s time for new technical report updates!


Since clustered Data ONTAP 8.3.1 is now available, we are publishing our 8.3.1 updates to our docs. The first one in the list for me was TR-4073: Secure Unified Authentication.

What is Secure Unified Authentication?

Secure Unified Authentication is a solution-based methodology to provide secure (via Kerberos) unified (via central LDAP servers for identity management) authentication for enterprise IT environments.

Security is more important than ever, so using a ticket-based auth process instead of over-the-wire passwords is one way to ensure you have protected your business assets. With AES-256 encryption, you are using the strongest available enctype for Kerberos.

Ease of management is also critical to an ever changing IT landscape. LDAP for Identity Management makes user account management and NAS permissioning easier.

What’s new?

The new updates to the doc include:

  • Moving lengthy config steps to the end of the document to avoid doc clutter
  • Moving scripts from the doc to a github repository for open source contribution
  • Better organization/navigation of crucial best practices
  • Documentation of new 8.3.1 functionality (HINT: not a ton changed for Kerberos/LDAP)
  • Improved On-Box DNS documentation
  • ESXi 6.0 Kerberos Configuration steps
  • Improved LDAP multiprotocol asymmetric name mapping information
  • Improved SecD troubleshooting information
  • LDAP search optimization recommendations
  • Mapping of 7-Mode LDAP attributes to clustered Data ONTAP attributes
  • Using hostnames for LDAP servers via SRV records
  • LDAP bind support information

Where can I find it?

Technical reports can be found a variety of ways. Google search works, as does looking in the NetApp library. I cover how to be better at NetApp documentation in a separate blog post.

To make it super easy, just follow this link:

TR-4073: Secure Unified Authentication

Be on the look out for other new TR updates!


One thought on “TECH::July 2015 update to TR-4073 (the NetApp NFS Kerberos/LDAP manifesto)

  1. Pingback: Why Is the Internet Broken: Greatest Hits | Why Is The Internet Broken?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s