Table of ContentsView in Frames

Accounts that can access the SP

The SP comes with an account named "naroot". Only the SP "naroot" account and Data ONTAP local user accounts with the credentials of the admin role or a role with the login-sp capability can log in to the SP. These users have access to all commands available on the SP.

For enhanced security, the SP does not allow you to log in with the Data ONTAP account name "root". Instead, it maps the Data ONTAP "root" account to the SP "naroot" account. You use the Data ONTAP "root" password when you use the SP "naroot" account to log into the SP.

Note: If you disable the "root" account's access to the storage system, the SP "naroot" account's access to the storage system is automatically disabled.

You cannot create user accounts directly from the SP. However, local users created in Data ONTAP with the credentials of the admin role or a role with the login-sp capability can log in to the SP. Changes to user account credentials on the storage system are automatically updated to the SP.

You cannot use the following generic names as account names to access the SP. Therefore, it is best not to use them as Data ONTAP account names or assign them to Data ONTAP groups that have the admin role or a role that includes the login-sp capability: