Network and Storage Protocols

CIFS without Active Directory

kal
29,287 Views

Hi,

 

I want to configure CIFS on my Netapp. The Netapp cluster has for DNS the Google's DNS (8.8.8.8) and I haven't an Active Directory. I want my client which are in WORKGROUP can connect to a CIFS share on the cluster. Is an Active Directory required ?

 

Regards.

17 REPLIES 17

aborzenkov
28,996 Views

Do you have 7-Mode or C-Mode (you added both tags)?

kal
28,967 Views

Hi,

 

Sorry, I have a Cluster mode Data On Tap.

aborzenkov
28,965 Views

As far as I know currently only CIFS servers that a part of Active Directory are supported. Although documentation mentions that "Workgroups are not supported in this release", so it is possible that it will be supported in the future.

kal
28,959 Views

Ok, I undestand. So the AD's DNS must be declared on the cluster and the client computers must be in the AD's domain. Isn't it ?

 

Thanks.

thomas_glodde
28,928 Views

You MUST configure DNS in the SVM and join an ADS for CIFS to properly work. Clients & Servers which access the SVMs shares can be inside or outside of your ADS domain.

kal
28,847 Views

Hi,

 

In conclusion, my CIFS SVM/Volume must join the Active Directory Server. The Clients ans Server which access to the CIFS share could be outside, in WORKGROUP for example.

 

But what about the post of Aborzenkov : 

 
 
 

 

"As far as I know currently only CIFS servers that a part of Active Directory are supported. Although documentation mentions that "Workgroups are not supported in this release", so it is possible that it will be supported in the future".

 

Thanks a lot for your answer.

 

 

Darkstar
28,837 Views

The SVM has to be in an AD domain, otherwise you will not get any CIFS functionality.

 

The clients that connect to the NetApp can be either other AD members (domain computers) or standalone computers (i.e. computers running in Workgroup mode). Note that if you try to connect to the SVM on the NetApp cluster from a computer which is NOT part of the same domain, you will have to supply a username and password to connect. This can be either a domain user (using "DOM\User"-style usernames) or a local user created on the SVM (see the vserver cifs users-and-groups local-user create command). This is the same, actually, as with Windows servers and computers without any NetApp involved

 

Also, if you really need CIFS with Workgroup style authentication, it is possible that this might be added to Data OnTap at a later date (all documentation, for example, says it is "not yet available" or "currently not possible")....

 

Regards

-Michael

angelpublishing
27,922 Views

I'd just like to say it's very inconv. to force the use of AD just to enable CIFS. I'm a complete linux shop and use my FAS device for NFS primarily. I figured 'hey why not use it's CIFS support' ... nope.

 

So I'll be using a cheap, unreliable network storage device simply to host CIFS shares meanwhile.

 

++bump as a feature request. Simply let me turn it on and create shares like every other network storage device lets you.

 

Thanks for the sweet NFS support though.

Darkstar
27,895 Views

If you're a complete NFS shop, what do you need CIFS for? If it's only for 1 share that 2 or 2 users access, you can also use Microsoft's NFS for Windows, for example.

 

That being said, it's been possible for a few months now (since OnTap 9.0) to run an SVM in Workgroup mode without AD. See the man page for the "vserver cifs create -workgroup" command.

 

-Michael

angelpublishing
21,011 Views

Michael,

 

We are _currently_ an "NFS" shop because all I use the NetApp for is NFS storage for xenserver clusters. I have a separate low quality device that's being relied on heavily for CIFS, so I figured why not use the NetApp for CIFS too.

 

I'd like to move to the NetApp, that's all. I am on 9.x so thanks for the tip!

 

So basically, you can configure CIFS with an empty AD value via CLI, but not System Manager (I believe it gives you an error when it's blank).

 

 

-Kyle

PaulFiler
20,786 Views

What about a Workgroup CIFS share?   vserver cifs create -vserver hq-vs0 -cifs-server hq-vs0 -workgroup wg

JohnChen
20,742 Views

If you are Ontap9.0, you can set it up without AD.

I got it work on my NetApp 8080 with Ontap9.0 version.

 

 

1) Create CIFS server via CLI

Cluster1::>vserver cifs create -vserver <SVM> -cifs-server <SVM> -workgroup <workgroup01>

 

2) set diag

 

3) Enable local users auth

Cluster1::>vserver cifs options modify –vserver <SVM> -is-local-auth-enabled true

Cluster1::>vserver cifs options modify –vserver <SVM> -is-local-users-and-groups-enabled true

 

3) Create your local user that will authenticate

Cluster1::>vserver cifs users-and-groups local-user create –vserver <SVM> -user-name <USER>

 

4) Create a CIFS LIF on the SVM (separate IP but can be in same subnet as NFS)

5) Create a CIFS share on the same volume as the NFS mount

6) Map to the CIFS share using the user from step 3.  \\<LIF-IP-Address>\<CIFS-Share>

 

all4netapp
17,591 Views

hi

I'd follow the steps and i am able to read from the share but can't modify or create new file\folder

please your help

Scott

JohnChen
17,556 Views

check your share access control permission under SVMs/shares

 

 

JohnChen
17,534 Views

You also need to check MTU settings on host and netapp storage .  Need to be matched

josemartins525
7,767 Views

Perfect!!!

spearo
7,165 Views

This worked perfectly for me. Thanks. 

Public