Table of ContentsView in Frames

Accounts that can access the SP

The SP comes with an account named "naroot". Only the SP naroot account and Data ONTAP user accounts with the credentials of the admin role or a role with the login-sp capability can log in to the SP. These users have access to all commands available on the SP.

For enhanced security, the SP does not allow you to log in with the Data ONTAP account name root. Instead, it maps the Data ONTAP root account to the SP naroot account. You use the Data ONTAP root password when you use the SP naroot account to log into the SP.
Note: If you disable the root account's access to the storage system, the SP naroot account's access to the storage system is automatically disabled.

You cannot create user accounts directly from the SP. However, users created in Data ONTAP with the credentials of the admin role or a role with the login-sp capability can log in to the SP. Changes to user account credentials on the storage system are automatically updated to the SP.

You cannot use the following generic names as account names to access the SP. Therefore, it is best not to use them as Data ONTAP account names or assign them to Data ONTAP groups that have the admin role or a role that includes the login-sp capability.