Subscribe

NetApp CIFS is NOT windows file server?

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1035094

Just come across this VMWare issue, and they claimed that CIFS is not windows file server, can anybody share, what's the different, any workaround?

NetApp CIFS is NOT windows file server?

Strange as it says "ThinApp support requires that the packages are located on a Windows fileserver, or a fileserver that can support authentication & file permissions based on Active Directory computer accounts"

It could be because CIFS shares can use workgroup authentication and as stated AD authentication is required, maybe it's been worded incorrectly?

Re: NetApp CIFS is NOT windows file server?

Thanks for your quick response!

"Active Directory computer accounts"

This is the keyword, maybe default CIFS can authenticate based on user accounts, not computer accounts?

NetApp CIFS is NOT windows file server?

We have the ThinApp Repository on a CIFS share on NetApp storage and it works correctly.

I don't know if your problem is that you're not able to add computer account on the share permission with the netapp interface. We manage netapp shares from "computer manager" of windows 2003 servers. Just open computer manager, choose to manage another computer and put the storage name. Then you can go on "system tools, shared folders, shares" and from there you can create/manage shares on the storage. To add a computer account you should go to the share permission, click on add and then choose from object types "Computers" then you can add the computers to the share persmission.

Re: NetApp CIFS is NOT windows file server?

Hi Francesco,

We are also facing the same situation. As you stated, I set the permissions so computers could authenticate against NetApp shares.

I have the the scenario as bellow:

* I have a multistore context acting only as a CIFS file server;

* This context has two partitions:

/vol/context_root (NTFS sec style) - root volume

/vol/context_shares (NTFS sec style) - shares volume

* Volume context_shares has two qtrees:

/vol/context_shares/shares

/vol/context_shares/thinapp

* The context (vfiler) is integrated in domain and I choose NTFS only when I run 'cifs setup'.

I've created a share on /vol/context_shares/thinapp through MMC (computer management):

* I set the share permissions 'read' to: Domain Computers, Domain Controllers and Domain Users

* I set the share permissions 'full control' to: Domain Admins

Because if I would change the permissions at the share level I would lost inherited permissions, I've created a folder inside the share and I put the permissions bellow in this foldes:

* I set the security 'read', 'read & execute' and 'list folder contents' to: Domain Computers, Domain Controllers and Domain Users

* I set the security 'full control' to: Domain Admins

Even, I receive the same log messages in the View Administrator Console. Could you help us with this sending me your configuration?

Thanks a lot!

Re: NetApp CIFS is NOT windows file server?

Rafael, have you tried setting the 'share' permissions to everyone-Full?  Then just manage permissions via NTFS.  My train of thought is that maybe share permission authentication is handled differently than NTFS; from the file server's perspective.

Re: NetApp CIFS is NOT windows file server?

Hi,

I've tried this, but doesn't work. I found a related issue with Windows 7 and W2K8-R2 as you can see in this link https://kb.netapp.com/support/index?page=content&id=2013374.

I'm trying this workaround at this moment and I'll post my results. Thanks!

Re: NetApp CIFS is NOT windows file server?

That makes sense.

This may not apply to this scenario; but we did have issues accessing netapp cifs shares on windows 7 when first going through a win2k3 DFS server.  I think it had to do with NTLM versions.  Upgrading to 2008 dfs servers fixed the issue.

Re: NetApp CIFS is NOT windows file server?

Now the error has changed.

I got the error:

HRESULT hr = 0x80070005 Access Denied

I really don't know for who the filer was denying access to. There is a way so I can monitor some log to see which user has been denied?

Re: NetApp CIFS is NOT windows file server?

You might catch it in the auditing logs.  You have to turn it on in ontap and on the share.  Check the docs, it's been a while since i've messed with auditing.