Network Storage Protocols Discussions
We have a problem in a customers environment that clients that are not in the same Active Directory cannot get access to cifs shares.
The error at the Ontap 8.1.1P1 7-Mode-Cli is as follows:
Tue Jan 22 09:08:30 CET [netapp1:auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Connection with \\APEFF established.
Tue Jan 22 09:08:30 CET [netapp1:auth.trace.authenticateUser.loginRejected:info]: AUTH: Login attempt by user rejected by the domain controller with error 0xc0000022: STATUS_ACCESS_DENIED.
Clients from inside the AD can access the shares, but the others cannot. I think this can be a problem caused by a GPO in the 2008-AD?!?!
Thanks for your replies!
See The Solution
Have you tried this one?
To avoid this issue, disable SMB 2.x on the system by entering the following command:
options cifs.smb2.client.enable off
Hi! I have already tried this option, but with no success.
Yesterday I tried a dcdiag on the first discovered and preferred DC and the log showed me several errors.
So I changed the preferred DC to the second DC and now everything works fine.
I recommended the customer to reinstall the corrupted DC.
Many thanks for your help!
View solution in original post