It’s a Kerberos Khristmas!

Recently, I was working on a project where I was creating a POC of an Ubuntu container that could authenticate to LDAP and mount NFS Kerberos mounts without any interaction that would eventually be used in a Kubernetes environment. It was an improvement on the container image I created a while back in "Securing NFS … Continue reading It’s a Kerberos Khristmas!

MacOS NFS Clients with ONTAP – Tips and Considerations

When I'm testing stuff out for customer deployments that I don't work with a ton, I like to keep notes on the work so I can reference it later for TRs or other things. A blog is a great place to do that, as it might help other people in similar scenarios. This won't be … Continue reading MacOS NFS Clients with ONTAP – Tips and Considerations

How to Configure MacOS to Use Active Directory LDAP for UNIX users/groups

In NetApp ONTAP, it's possible to serve data to NAS clients over SMB and NFS, including the same datasets. This is known as "multiprotocol NAS" and I cover the best practices for that in the new TR-4887: TR-4887: Multiprotocol NAS Best Practices in ONTAP When you do multiprotocol NAS in ONTAP (or really, and storage … Continue reading How to Configure MacOS to Use Active Directory LDAP for UNIX users/groups

Using Windows Lightweight Directory Services for UNIX Identity Management with ONTAP

Windows Active Directory domains have been the way to leverage UNIX identity management in environments using Windows, given the tight integration with Kerberos, Windows accounts and ease of use. I cover a lot of this in TR-4073 (with a new LDAP-only TR coming out soon). But, it doesn't always fit all use cases. For example, … Continue reading Using Windows Lightweight Directory Services for UNIX Identity Management with ONTAP

Behind the Scenes: Episode 137: Name Services in ONTAP

Welcome to the Episode 137, part of the continuing series called “Behind the Scenes of the NetApp Tech ONTAP Podcast.” This week on the podcast, we talk Name Services in ONTAP and the introduction of the new global name services cache in ONTAP 9.3 with NAS TME, Chris Hurley (@averageguyX)! We'll be taking next week off … Continue reading Behind the Scenes: Episode 137: Name Services in ONTAP

Cache Rules Everything Around Me: New Global Name Service Cache in ONTAP 9.3

In an ONTAP cluster made up of individual nodes with individual hardware resources, it's useful if a storage administrator can manage the entire cluster as a monolithic entity, without having to worry about what lives where. Prior to ONTAP 9.3, name service caches were node-centric, for the most part. This sometimes could create scenarios where … Continue reading Cache Rules Everything Around Me: New Global Name Service Cache in ONTAP 9.3