https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169477#M10968 <P>Thank you so much!&nbsp; I probably will terminate the sessions after the security update since we have less than 10 connections with NTLMv1.</P><P>&nbsp;</P><P>TT</P> Wed, 25 Aug 2021 18:10:25 GMT SVHO 2021-08-25T18:10:25Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169440#M10959 <P>Hello,</P><P>&nbsp;</P><P>Our security team wants to turn off NTLM&nbsp; on our NetApp NAS.&nbsp; From reading the KB below and verifying, our setting is set at the default which accepts everything listed from the article.&nbsp; We want to allow NTLMv2 and Kerberos.&nbsp; My question is by changing the setting, does it disconnect all current connections that are not reflective of the new security level?&nbsp; Do I have to stop the SVM to disconnect all connections?&nbsp;</P><P>&nbsp;</P><P>I just want to make sure the security team no longer see any logs pertaining to NTLM.</P><P>&nbsp;</P><P>Example: Device1 connected on NTLM.&nbsp; Once the new security level is updated, does that connection get disconnected?</P><P>&nbsp;</P><P><A href="https://library.netapp.com/ecmdocs/ECMP1610207/html/GUID-861C90E9-A8B2-405C-9020-0C38679BD72B.html" target="_blank">https://library.netapp.com/ecmdocs/ECMP1610207/html/GUID-861C90E9-A8B2-405C-9020-0C38679BD72B.html</A></P><P>&nbsp;</P><P>We are on 9.3p18</P><P>Thanks,</P><P>TT</P> Wed, 04 Jun 2025 10:16:06 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169440#M10959 SVHO 2025-06-04T10:16:06Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169450#M10961 <P>Only new sessions will have the latest update (i.e changed -lm-compatibility-level). Rest of the sessions which are already logged in using NTLM will continue to stay up. In order to have them negotiate new security update, they need to be closed their session first.</P><P>&nbsp;</P><P>You should be able to filter those users using NTLM via this cmd:<BR />::&gt; vserver cifs session show -vserver &lt;vserver&gt; -fields session-id,auth-mechanism</P><P>&nbsp;</P><P>You should then be able to close those session-id, once this is done, next time when they login they will use the updated security (auth-mechanism)</P><P>&nbsp;</P><P>This article may help in closing sessions for those using NTLM security.<BR /><A href="https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_terminate_a_CIFS_sessions_in_ONTAP_9_for_specific_Windows_users" target="_blank">https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_terminate_a_CIFS_sessions_in_ONTAP_9_for_specific_Windows_users</A></P> Tue, 24 Aug 2021 20:32:11 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169450#M10961 Ontapforrum 2021-08-24T20:32:11Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169451#M10962 <P>For filtering specific users using NTLMv1:</P><P>&nbsp;vserver cifs session show -vserver &lt;vserver&gt; -fields session-id,auth-mechanism&nbsp; -auth-mechanism NTMLv1</P> Tue, 24 Aug 2021 20:35:22 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169451#M10962 Ontapforrum 2021-08-24T20:35:22Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169452#M10963 <P>Thank you for the response.&nbsp; Lets say if I stop the SVM service, would that also terminate the sessions?&nbsp;</P> Tue, 24 Aug 2021 20:45:54 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169452#M10963 SVHO 2021-08-24T20:45:54Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169455#M10964 <P>Stopping SVM Service will&nbsp;stop data access on this SVM through all allowed protocols. Instead you can just stop the CIFS server and restart it. Of course this means, all the sessions currently active will drop off. However, when they re-connect they will be using new auth-mechanism.</P> Tue, 24 Aug 2021 21:37:47 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169455#M10964 Ontapforrum 2021-08-24T21:37:47Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169477#M10968 <P>Thank you so much!&nbsp; I probably will terminate the sessions after the security update since we have less than 10 connections with NTLMv1.</P><P>&nbsp;</P><P>TT</P> Wed, 25 Aug 2021 18:10:25 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/169477#M10968 SVHO 2021-08-25T18:10:25Z https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/445520#M11583 <P>HI,</P><P>&nbsp;</P><P>Can someone please guide me on how to set both the authentication methods(NTLMv2 &amp; Kerberos) on cifs, any command reference is appreciated for ONTAP cluster.</P><P><SPAN><SPAN class="">NetApp Release 9.1P14</SPAN></SPAN></P> Fri, 23 Jun 2023 18:04:33 GMT https://community.netapp.com/t5/ONTAP-Hardware/CIFS-authentication-security-level/m-p/445520#M11583 harikapabba 2023-06-23T18:04:33Z