Jump to content


Photo

Unable to configure Netwrix for NetApp clustermode 9.1P11

netapp netwrix data ontap vserver

  • Please log in to reply
5 replies to this topic

#1 raj123

raj123

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 16 April 2018 - 07:12 PM

We are trying get netwrix configured for our netapp clustermode system and we ran into this below issue.

 

Checked multiple times using the right file server name and management vserver dns name, but we are ending up with the same result. Any help is appreciated.

 

Source:  File Storage Audit Service
Event ID:  2004
Computer: Gxxxxxx.xxx.xxxxxx.net
User:  N/A
Description: Monitoring plan: xxx_xxxxxx-NetApp
The following error has occurred:The following error has occurred awhile processing 'xxxxxpfil01.xxxxxx.local':
The following error has occurred when analyzing changes for the xxxxxxfil01.xxxxxx.local server: Vserver API missing vserver parameter.: 13006



#2 rihuka

rihuka

    Member

  • Administrators
  • PipPip
  • 25 posts
  • Gender:Male

Posted 17 April 2018 - 01:05 PM

Hello raj123,

 

Based on the returned error message I can see that Netwrix Auditor is unable to access ONTAP API of NetApp, by default it is the same IP address as CIFS server.

 

Open "Item" settings clicking "Edit Item" in the monitoring plan of Netwrix Auditor then click ONTAPI, select "Same as file server" option, this should to fix the issue.

 

Best regards,
Kirill Kirkov
T2 Support Engineer

Best regards,
Kirill Kirkov
T2 Support Engineer
 

#3 raj123

raj123

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 17 April 2018 - 01:41 PM

 

Hello raj123,

 

Based on the returned error message I can see that Netwrix Auditor is unable to access ONTAP API of NetApp, by default it is the same IP address as CIFS server.

 

Open "Item" settings clicking "Edit Item" in the monitoring plan of Netwrix Auditor then click ONTAPI, select "Same as file server" option, this should to fix the issue.

 

Best regards,
Kirill Kirkov
T2 Support Engineer

 

Hi there Kirill,

 

I was hit the following error, 

 

Source: File Storage Audit Service
Event ID: 2004
Computer: 1234abc.abc.net
User: N/A
Description: Monitoring plan: 123_abc-NetApp 
The following error has occurred: 
Cannot connect to the xyzspfil01.abc.local server due to the following error: Connection to xyzspfil01.abc.local failed. Check the specified UNC path.
 
I believe we need to mention the management ip address here, as we are running a clustered data ontap netapp system. Its not 7 mode and not a windows file server.
 
We have admin vserver for management and data vserver for file server access inside the system.


#4 raj123

raj123

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 17 April 2018 - 02:11 PM

Netapp login configuration for netwrix account.
xyznpnas01::security login> show netwrixaccount                                                                                                                                                   
Vserver: xyznpfile01.greensky.local
                             Authentication             Acct   Is-Nsswitch
User/Group Name  Application Method    Role Name        Locked Group
---------------- ----------- --------- ---------------- ------ -----------
netwrixaccount       http        password  fsa_role         no     no
netwrixaccount       ontapi      password  fsa_role         no     no
netwrixaccount       ssh         password  fsa_role         no     no
 
Vserver: xyznpnas01
                             Authentication             Acct   Is-Nsswitch
User/Group Name  Application Method    Role Name        Locked Group
---------------- ----------- --------- ---------------- ------ -----------
netwrixaccount       http        password  admin            no     no
netwrixaccount       ontapi      password  admin            no     no
netwrixaccount       ssh         password  admin            no     no
6 entries were displayed.


#5 rihuka

rihuka

    Member

  • Administrators
  • PipPip
  • 25 posts
  • Gender:Male

Posted 17 April 2018 - 03:03 PM

There is big difference between management and ONTAP API, Netwrix Auditor works with API and by default it is the same as IP of CIFS server, so you should use "Same as file server" option.

 

I assume the firewall blocks connection between Netwrix Auditor host and NetApp, try to disable firewall on NetApp temporary and run the data collection to make sure it is related to firewall or something else.

 

Best regards,
Kirill Kirkov
T2 Support Engineer

Best regards,
Kirill Kirkov
T2 Support Engineer
 

#6 raj123

raj123

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 17 April 2018 - 07:27 PM

 

There is big difference between management and ONTAP API, Netwrix Auditor works with API and by default it is the same as IP of CIFS server, so you should use "Same as file server" option.

 

I assume the firewall blocks connection between Netwrix Auditor host and NetApp, try to disable firewall on NetApp temporary and run the data collection to make sure it is related to firewall or something else.

 

Best regards,
Kirill Kirkov
T2 Support Engineer

 

Hello Kirill,

 

Thanks for the prompt response, I'm showing your firewall settings in the netapp system. I'm going to disable the firewall for an extended period of time and see if netwrix will be able to connect to the ontapi.

 

xyznpnas01::system services firewall> show
Node           Enabled Logging
-------------- ------- -------
xyznpnas01-01 
               true    false
xyznpnas01-02 
               true    false
2 entries were displayed.
 
xyznpnas01::system services firewall> policy 
    clone  create delete modify show   
 
xyznpnas01::system services firewall> policy show
Vserver Policy       Service    Allowed
------- ------------ ---------- -------------------
xyznpnas01
        data
                     dns        0.0.0.0/0
                     ndmp       0.0.0.0/0
                     ndmps      0.0.0.0/0
xyznpnas01
        intercluster
                     https      0.0.0.0/0
                     ndmp       0.0.0.0/0
                     ndmps      0.0.0.0/0
xyznpnas01
        mgmt
                     dns        0.0.0.0/0
                     http       0.0.0.0/0
                     https      0.0.0.0/0
                     ndmp       0.0.0.0/0
                     ndmps      0.0.0.0/0
                     ntp        0.0.0.0/0
                     snmp       0.0.0.0/0
                     ssh        0.0.0.0/0
14 entries were displayed.






Also tagged with one or more of these keywords: netapp, netwrix, data ontap, vserver

0 user(s) are reading this topic

0 members, guests, anonymous users