Network Storage Protocols Discussions

Re: Access NetApp from several Domain (via CIFS)

Seems like no signature

cifs.LMCompatibilityLevel    1
cifs.audit.account_mgmt_

events.enable on
cifs.audit.autosave.file.extension timestamp
cifs.audit.autosave.file.limit 0
cifs.audit.autosave.onsize.enable off
cifs.audit.autosave.onsize.threshold 90%
cifs.audit.autosave.ontime.enable on
cifs.audit.autosave.ontime.interval 1d
cifs.audit.enable            on
cifs.audit.file_access_events.enable on
cifs.audit.liveview.allowed_users
cifs.audit.liveview.enable   off
cifs.audit.logon_events.enable on
cifs.audit.logsize           524288
cifs.audit.nfs.enable        off
cifs.audit.nfs.filter.filename
cifs.audit.saveas            /etc/log/adtlog.evt
cifs.bypass_traverse_checking off
cifs.client.dup-detection    ip-address
cifs.comment                 P839 NetApp Simulator
cifs.enable_share_browsing   on
cifs.gpo.enable              off
cifs.gpo.trace.enable        off
cifs.grant_implicit_exe_perms off
cifs.guest_account
cifs.home_dir_namestyle
cifs.home_dirs_public_for_admin off
cifs.idle_timeout            1800
cifs.ipv6.enable             off
cifs.max_mpx                 50
cifs.ms_snapshot_mode        off
cifs.netbios_aliases         P839NETAPP
cifs.netbios_over_tcp.enable on
cifs.nfs_root_ignore_acl     on
cifs.oplocks.enable          on
cifs.oplocks.opendelta       8
cifs.per_client_stats.enable on
cifs.perfmon.allowed_users
cifs.perm_check_ro_del_ok    on
cifs.perm_check_use_gid      on
cifs.preserve_unix_security  on
cifs.restrict_anonymous      2
cifs.restrict_anonymous.enable on
cifs.save_case               on
cifs.scopeid
cifs.search_domains          MYDOMAINNAME
cifs.show_dotfiles           off
cifs.show_snapshot           off
cifs.shutdown_msg_level      1
cifs.sidcache.enable         on
cifs.sidcache.lifetime       1200
cifs.signing.enable          off
cifs.smb2.client.enable      off
cifs.smb2.durable_handle.enable on
cifs.smb2.durable_handle.timeout 16m
cifs.smb2.enable             off
cifs.smb2.signing.required   off
cifs.snapshot_file_folding.enable off
cifs.symlinks.cycleguard     on
cifs.symlinks.enable         on
cifs.trace_dc_connection     off
cifs.trace_login             off
cifs.universal_nested_groups.enable off
cifs.weekly_W2K_password_change off
cifs.widelink.ttl            12h
cifs.wins_servers
Yeah they are in the same timezone. I cannot connect to any share in the filer I can only can if I join the netapp back to the domain

Re: Access NetApp from several Domain (via CIFS)

And when you authenticate to the share, you use "filername\username" and not just "username"?

Not entirely sure in that case. I've run filers in workgroup mode on many occasions without issue. Silly questions, but CIFS is definitely running? You ran through CIFS setup and configured it in workgroup mode?

Re: Access NetApp from several Domain (via CIFS)

Thanks for your time Chris.

Yes actually I have tried all the different combinations I think...

With workgroup stuff:

net use x: \\hostname\share /user:username ---> I get account is not authorized

net use x: \\hostname\share /user:hostname\username ---> I get bad user

With /etc/passwd:

net use x: \\hostname\share /user:username ---> I get account is not authorized

net use x: \\hostname\share /user:hostname\username ---> I get account is not authorized

Actually it doesnt matter if I use an account which exists or not I always get the same error with /etc/passwd...

Re: Access NetApp from several Domain (via CIFS)

Based on the fact that "hostname\username ---> I get bad user", can you confirm how you are adding the user locally onto the NetApp please? You definitely want to get this working in workgroup mode and not using /etc/passwd.

Re: Access NetApp from several Domain (via CIFS)

Actually I am adding the users in /etc/passwd. My idea is, for legacy reasons, to use Unix permissions and try to auth against /etc/passwd. This worked in our previous environment but authenticating against AD. Just want to make it work outside of the domain for several weeks...

Re: Access NetApp from several Domain (via CIFS)

Chris -

I agree - I think that it is the problem here.

It should be a 'useradmin' RBAC user for this authentication.


I hope this response has been helpful to you.

At your service,


Eugene E. Kashpureff
ekashp@kashpureff.org
NetApp Instructor and Independent Consultant
http://www.linkedin.com/in/eugenekashpureff

(P.S. I appreciate points for helpful or correct answers.)

Re: Access NetApp from several Domain (via CIFS)

You're using "useradmin user add" to add new users then? Not editing /etc/passwd directly?

Re: Access NetApp from several Domain (via CIFS)

You can try running through CIFS setup again and select 'etc/passwd and/or NIS/LDAP authentication' to do a non-windows workgroup authentication.


I hope this response has been helpful to you.

At your service,


Eugene E. Kashpureff
ekashp@kashpureff.org
NetApp Instructor and Independent Consultant
http://www.linkedin.com/in/eugenekashpureff

(P.S. I appreciate points for helpful or correct answers.)

Re: Access NetApp from several Domain (via CIFS)

I have tried with root user which seems to be a admin user definetly and i am getting the same results. This is really painfull as I expected it to work straight away, not sure what I am doing absolutely wrong...

Re: Access NetApp from several Domain (via CIFS)

I am using users in /etc/passwd not adding users from CLI.

Forums