ONTAP 9 Manuals ( CA08871-402 )

Accounts that can access the SP

When you try to access the SP, you are prompted for credential. Cluster user accounts that are created with the service-processor application type have access to the SP CLI on any node of the cluster. SP user accounts are managed from ONTAP and authenticated by password. Beginning with ONTAP 9.9.1, SP user accounts must have the admin role.

User accounts for accessing the SP are managed from ONTAP instead of the SP CLI. A cluster user account of any role can access the SP if it is created with the -application parameter of the security login create command set to service-processor and the -authmethod parameter set to password. The SP supports only password authentication.

You must specify the -role parameter when creating an SP user account.

By default, the cluster user account named “admin” includes the service-processor application type and has access to the SP.

ONTAP prevents you from creating user accounts with names that are reserved for the system (such as “root” and “naroot”). You cannot use a system-reserved name to access the cluster or the SP.

You can display current SP user accounts by using the -application service-processor parameter of the security login show command.

Top of Page