2FA Auth 4 local >System Manager Ontap< Admin possible? | NetApp | Page 1

icy schooner Sep 26, 2024, 1:35 PM

#

IHAC who wants 2FA enabled also for the local admin, to login securely in ONTAP in the case the SAML based login is compromised or not wanted.
I understand that a internet connection is still required, as the challenge/response needs a data exchange. I am referring to our TR https://www.netapp.com/media/17055-tr4647.pdf p.4
Thanks!

elfin crater Sep 30, 2024, 2:15 AM

#

You could look at TOTP and see if that works for them - https://docs.netapp.com/us-en/ontap/authentication/configure-local-account-mfa-totp-task.html

Configure local user account for MFA with TOTP

To take advantage of increased account security through multifactor authentication (MFA) with a time-based one-time password (TOTP), you must configure your ...

soft fulcrum Sep 30, 2024, 2:19 PM

#

There are SAML providers (or plugins for SAML providers) that enable you to use TOTP through SAML (e.g. this or this )

soft fulcrum Sep 30, 2024, 2:20 PM

#

elfin crater You could look at TOTP and see if that works for them - https://docs.netapp.com/...

TOTP does not work for System Manager sadly

elfin crater Sep 30, 2024, 2:31 PM

#

Oh yes, I missed the subject

#2FA Auth 4 local >System Manager Ontap< Admin possible?