Network and Storage Protocols

CIFS without Active Directory

kal
33,105 Views

Hi,

 

I want to configure CIFS on my Netapp. The Netapp cluster has for DNS the Google's DNS (8.8.8.8) and I haven't an Active Directory. I want my client which are in WORKGROUP can connect to a CIFS share on the cluster. Is an Active Directory required ?

 

Regards.

17 REPLIES 17

aborzenkov
32,790 Views

Do you have 7-Mode or C-Mode (you added both tags)?

kal
32,761 Views

Hi,

 

Sorry, I have a Cluster mode Data On Tap.

aborzenkov
32,759 Views

As far as I know currently only CIFS servers that a part of Active Directory are supported. Although documentation mentions that "Workgroups are not supported in this release", so it is possible that it will be supported in the future.

kal
32,753 Views

Ok, I undestand. So the AD's DNS must be declared on the cluster and the client computers must be in the AD's domain. Isn't it ?

 

Thanks.

thomas_glodde
32,722 Views

You MUST configure DNS in the SVM and join an ADS for CIFS to properly work. Clients & Servers which access the SVMs shares can be inside or outside of your ADS domain.

kal
32,641 Views

Hi,

 

In conclusion, my CIFS SVM/Volume must join the Active Directory Server. The Clients ans Server which access to the CIFS share could be outside, in WORKGROUP for example.

 

But what about the post of Aborzenkov : 

 
 
 

 

"As far as I know currently only CIFS servers that a part of Active Directory are supported. Although documentation mentions that "Workgroups are not supported in this release", so it is possible that it will be supported in the future".

 

Thanks a lot for your answer.

 

 

Darkstar
32,631 Views

The SVM has to be in an AD domain, otherwise you will not get any CIFS functionality.

 

The clients that connect to the NetApp can be either other AD members (domain computers) or standalone computers (i.e. computers running in Workgroup mode). Note that if you try to connect to the SVM on the NetApp cluster from a computer which is NOT part of the same domain, you will have to supply a username and password to connect. This can be either a domain user (using "DOM\User"-style usernames) or a local user created on the SVM (see the vserver cifs users-and-groups local-user create command). This is the same, actually, as with Windows servers and computers without any NetApp involved

 

Also, if you really need CIFS with Workgroup style authentication, it is possible that this might be added to Data OnTap at a later date (all documentation, for example, says it is "not yet available" or "currently not possible")....

 

Regards

-Michael

angelpublishing
31,716 Views

I'd just like to say it's very inconv. to force the use of AD just to enable CIFS. I'm a complete linux shop and use my FAS device for NFS primarily. I figured 'hey why not use it's CIFS support' ... nope.

 

So I'll be using a cheap, unreliable network storage device simply to host CIFS shares meanwhile.

 

++bump as a feature request. Simply let me turn it on and create shares like every other network storage device lets you.

 

Thanks for the sweet NFS support though.

Darkstar
31,689 Views

If you're a complete NFS shop, what do you need CIFS for? If it's only for 1 share that 2 or 2 users access, you can also use Microsoft's NFS for Windows, for example.

 

That being said, it's been possible for a few months now (since OnTap 9.0) to run an SVM in Workgroup mode without AD. See the man page for the "vserver cifs create -workgroup" command.

 

-Michael

angelpublishing
24,805 Views

Michael,

 

We are _currently_ an "NFS" shop because all I use the NetApp for is NFS storage for xenserver clusters. I have a separate low quality device that's being relied on heavily for CIFS, so I figured why not use the NetApp for CIFS too.

 

I'd like to move to the NetApp, that's all. I am on 9.x so thanks for the tip!

 

So basically, you can configure CIFS with an empty AD value via CLI, but not System Manager (I believe it gives you an error when it's blank).

 

 

-Kyle

PaulFiler
24,580 Views

What about a Workgroup CIFS share?   vserver cifs create -vserver hq-vs0 -cifs-server hq-vs0 -workgroup wg

JohnChen
24,536 Views

If you are Ontap9.0, you can set it up without AD.

I got it work on my NetApp 8080 with Ontap9.0 version.

 

 

1) Create CIFS server via CLI

Cluster1::>vserver cifs create -vserver <SVM> -cifs-server <SVM> -workgroup <workgroup01>

 

2) set diag

 

3) Enable local users auth

Cluster1::>vserver cifs options modify –vserver <SVM> -is-local-auth-enabled true

Cluster1::>vserver cifs options modify –vserver <SVM> -is-local-users-and-groups-enabled true

 

3) Create your local user that will authenticate

Cluster1::>vserver cifs users-and-groups local-user create –vserver <SVM> -user-name <USER>

 

4) Create a CIFS LIF on the SVM (separate IP but can be in same subnet as NFS)

5) Create a CIFS share on the same volume as the NFS mount

6) Map to the CIFS share using the user from step 3.  \\<LIF-IP-Address>\<CIFS-Share>

 

all4netapp
21,385 Views

hi

I'd follow the steps and i am able to read from the share but can't modify or create new file\folder

please your help

Scott

JohnChen
21,350 Views

check your share access control permission under SVMs/shares

 

 

JohnChen
21,328 Views

You also need to check MTU settings on host and netapp storage .  Need to be matched

josemartins525
11,561 Views

Perfect!!!

spearo
10,959 Views

This worked perfectly for me. Thanks. 

Public