You can specify nonlocal administrative users to have administrative access to the storage system after authentication by a Windows Domain Controller, rather than by the storage system itself.
By default, the domain administrator account has full access to the system. You can log in this account by using the domain\administrator format with the appropriate password.
Data ONTAP also supports ssh-key based authentication for domain users.
win_user_name is the Windows domain user whose name or Security ID (SID) you want to assign to a customized or predefined group. This value can be in one of the following formats:
For more information about these formats, see the na_cifs_lookup(1) man page.
custom_group is a customized group with roles assigned through the useradmin group command.
Administrators | "Backup Operators" | Guests | "Power Users" | Users are groups predefined by Data ONTAP with default roles and capabilities.
The following command adds the user userjoe in the MyDomain domain to the Power Users group and effectively grants MyDomain\userjoe all administrator capabilities that are granted to the Power Users group through the roles that have been assigned to it.
The SID of the user in question is among those listed in the output of this command.