Skip to main content

vserver active-directory create

Create an Active Directory account. If joining a domain, this command may take several minutes to complete.

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The vserver active-directory create command creates an Active Directory account for a Vserver. When you create the Active Directory account, you must add it to an existing Windows Active Directory domain. When you enter this command, you are prompted to provide the credentials of a user account that has sufficient privileges to add computers to the -ou container within the -domain domain. The user account must have a password that cannot be empty. When joining a domain, this command may take several minutes to complete.

Note
Each Vserver can have only one Active Directory account.

Parameters

-vserver <vserver> - Vserver
This parameter specifies the name of the Vserver for which you want to create the Active Directory account. The Vserver must already exist.
-account-name <NetBIOS> - Active Directory NetBIOS Name
This parameter specifies the name of the Active Directory account (up to 15 characters).
-domain <TextNoCase> - Fully Qualified Domain Name
This parameter specifies the name of the Active Directory domain.
[-ou <text>] - Organizational Unit
This parameter specifies the organizational unit within the Active Directory domain. By default, this parameter is set to CN=Computers. When specifying this parameter, specify only the organizational unit portion of the distinguished name. Data ONTAP appends the value provided for the required -domain parameter onto the value provided for –ou parameter to produce the Active Directory distinguished name, which is used when creating the Vserver’s Active Directory account in the domain.
Note
Nested OUs must be provided in a specific order with all containers separated by a comma. Reading from left to right you travel up the directory tree until you reach the root OU.

Examples

The following example creates an Active Directory account ADSERVER1 for Vserver vs1 and domain example.com. 

cluster1::> vserver active-directory create -vserver vs1 -account-name ADSERVER1 -domain example.com

In order to create an Active Directory machine account, you must supply the
name and password of a Windows account with sufficient privileges to add
computers to the "CN=Computers" container within the "example.com" domain.

Enter the user name: Administrator

Enter the password:

The following example creates an Active Directory account ADSERVER2 for Vserver vs2, domain example.com and organizational unit sample_ou.

cluster1::> vserver active-directory create -vserver vs2 -account-name ADSERVER2 -domain example.com 
-ou OU=sample_ou

In order to create an Active Directory machine account, you must supply the
name and password of a Windows account with sufficient privileges to add
computers to the "OU=sample_ou" container within the "example.com" domain.

Enter the user name: Administrator

Enter the password:

The following example creates an Active Directory account ADSERVER2 for Vserver vs2, domain example.com and nested organizational unit OU=developers,OU=engineering,OU=corp.

cluster1::> vserver active-directory create -vserver vs2 -account-name ADSERVER2 -domain example.com 
-ou OU=developers,OU=engineering,OU=corp

In order to create an Active Directory machine account, you must supply the
name and password of a Windows account with sufficient privileges to add
computers to the "OU=developers,OU=engineering,OU=corp" container within the "example.com" domain.

Enter the user name: Administrator

Enter the password: