Table of ContentsView in Frames

Accounts that can access the RLM

The RLM comes with an account named "naroot". Only the RLM's naroot account and Data ONTAP user accounts with the credentials of the admin role or a role with the login-sp capability can log in to the RLM. These users have access to all commands available on the RLM.

For enhanced security, the RLM does not allow you to log in with the Data ONTAP account name root. Instead, it maps the Data ONTAP root account to the RLM naroot account. You use the Data ONTAP root password when you use the RLM's naroot account to log into the RLM.
Note: If you disable the root account's access to the storage system, the RLM's naroot access to the storage system is automatically disabled.

You cannot create user accounts directly from the RLM. However, users created in Data ONTAP with the credentials of the admin role or a role with the login-sp capability can log in to the RLM. Changes to user account credentials on the storage system are automatically updated to the RLM.

You cannot use the following generic names as account names to access the RLM. Therefore, it is best not to use them as Data ONTAP account names or assign them to Data ONTAP groups that have the admin role or a role that includes the login-sp capability.