Which protocols must be enabled to support AD integration for access control in ONTAP?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the NetApp Certified Storage Installation Engineer Test. Study with flashcards and multiple choice questions featuring hints and explanations. Ace your certification!

Multiple Choice

Which protocols must be enabled to support AD integration for access control in ONTAP?

Explanation:
When ONTAP is integrated with Active Directory for access control, two protocols handle the core interaction: Kerberos and LDAP. Kerberos is the authentication mechanism that verifies user identities against the AD domain’s Key Distribution Center, issuing tickets that prove who a user is without sending passwords over the network. LDAP provides the directory services needed to read user accounts, group memberships, and related attributes from AD, which ONTAP uses to determine the appropriate permissions and mappings to ONTAP RBAC roles. DNS and NTP support AD operations and time-based ticket validity, but they are infrastructure requirements rather than the direct protocols that enable authentication and directory-based access control. SMB is a file-sharing protocol that can rely on AD for permissions, but it is not the protocol that enables the AD integration for access control itself. So, the combination of Kerberos for authentication and LDAP for directory access is what enables AD-based access control in ONTAP.

When ONTAP is integrated with Active Directory for access control, two protocols handle the core interaction: Kerberos and LDAP. Kerberos is the authentication mechanism that verifies user identities against the AD domain’s Key Distribution Center, issuing tickets that prove who a user is without sending passwords over the network. LDAP provides the directory services needed to read user accounts, group memberships, and related attributes from AD, which ONTAP uses to determine the appropriate permissions and mappings to ONTAP RBAC roles.

DNS and NTP support AD operations and time-based ticket validity, but they are infrastructure requirements rather than the direct protocols that enable authentication and directory-based access control. SMB is a file-sharing protocol that can rely on AD for permissions, but it is not the protocol that enables the AD integration for access control itself.

So, the combination of Kerberos for authentication and LDAP for directory access is what enables AD-based access control in ONTAP.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy