Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
Troubleshooting NetApp Cluster Mode setup and configuration
Description
Information to assist with the configuration of a NetApp Cluster Template
Resolution
Ensure to select the desired CIFS server from the drown-down menu when creating the NetApp auditing template in the Change Auditor client.
Do not type in the Filer Name, the FQDN of the CIFS or use an IP address - These will not work correctly even if the template allows it.
If the CIFS server name must be entered manually for any reason, ensure the NetBIOS name is used.
The User Account used to connect to the Filer by the Change Auditor Client and (by definition) the Change Auditor Agents must be given access to the CIFS/SVM (Storage Virtual Machine, formerly known as vserver). To provide the account access, use the following NetApp command:
If the firewall settings on the NetApp are Default then access to port 443/HTTPS on the vserver/lif filer is set to Deny
The policy will need to be modified to allow the Change Auditor Client and the Change Auditor Agents(s) box access to HTTPS on the vserver/lif
All of this can be completed via the NetApp CLI
Use the following NetApp command to check if the firewall is enabled:
system services firewall show
Use the following NetApp command to check which policies exist and which services are allowed:
system services firewall policy show
Use the following command to check which policy is applied to the vserver/lif with the following command:
network interface show –fields firewall-policy
To check further which vserver owns the CIFS server run the following command:
vserver cifs show
Ensure "Management Access" option is enabled on the network interface serving the VSM CIFS server in question. This can be verified via OnCommand System Manager under Cluster | Configuration | Network | Network Interface tab. Edit the network interface hosting the CIFS data. Ensure, "Management Access" option is enabled (default).
Additional information
The security login create command is case sensitive, so the vserver name and domain\userid must be specified exactly
i.e.
if the NetApp administrator running the security login create… command enters the userid as domain\user then when the credentials are entered on the Change Auditor Auditing Template as DOMAIN\user or Domain\User, a (401) unauthorized error will result
It does not matter how the account name appears in Active Directory - What matters is how it was entered on the security login create… command
You can view the how the account was specified and stored on the Filer with the following command:
security login show
If the situation arises where the Change Auditor client can reach the CIFS server over HTTPS/443 and define the template without issue but the Change Auditor agent specified in the template cannot, the following warning will appear in the Change Auditor agent log:
Unable to connect to cluster mode filer 'NETAPPCIFS': Can't connect to host (err=10061)
Ensure the vserver/lif allows the Change Auditor agent IP address access over HTTPS/443
If the Change Auditor client does not have access to HTTPS/443 on the CIFS server the following error will occur:
No connection could be made because the target machines actively refused it. x.x.x.x:443 In this case, ensure "Management Access" option is enabled on the network interface serving the VSM CIFS server in question. This can be verified via OnCommand System Manager under Cluster | Configuration | Network | Network Interface tab. Edit the network interface hosting the CIFS data. Ensure, "Management Access" option is enabled.
If the account specified in the Change Auditor Client does not have security access on the CIFS Server, an error similar to the following will occur:
HTTP (401) unauthorized
Important considerations
Note 1: Only Change Auditor 6.7 and higher supports NetApp Cluster mode.
Note 2: Consider deploying the latest release of Change Auditor for the most up-to-date support and fixes related to NetApp Cluster Mode auditing.
Your Request will be reviewed by our technical reviewer team and, if approved, will be added as a Topic in our Knowledgebase.
Recommended Content
Product(s):
Change Auditor
7.3, 7.2, 7.1.1
Topic(s):
Troubleshooting
Article History:
Created on: 10/27/2015 Last Update on: 10/31/2023
Thank you for your feedback for Topic Request
Your Request will be reviewed by our technical reviewer team and, if approved, will be added as a Topic in our Knowledgebase.
Welcome to Quest Support
You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.
The Quest Software Portal no longer supports IE8, 9, & 10 and it is recommended to upgrade your browser to the latest version of Internet Explorer or Chrome.