Solved: HTTP Authentication using NTLM failed

leonardo_m · ‎2011-07-13

Dear NetApp Users,

I have a problem with the Data ONTAP built in HTTP Web Server.

The authentication is not working properly. For example: Once that the user was authenticated he can access any folder independent of the share permission configuration, or be, the user can access folders which they wouldn´t.

The following message is shown:

Wed Jul 13 11:15:34 BRT [HTTPPool00:warning]: HTTP Authentication from XXX.XXX.XXX.XXX using NTLM failed

I use the CIFS Authentication which works without problems.

Some usefull information:

NETFAS 2020

NetApp Release 7.3.2

Domain type: Windows 2003

Authentication type: Active Directory

Security Style: NTFS Only

*The domain server firewall is disabled for now.

httpd.access legacy

httpd.admin.access legacy

httpd.admin.enable on

httpd.admin.hostsequiv.enable off

httpd.admin.max_connections 512

httpd.admin.ssl.enable on

httpd.admin.top-page.authentication on

httpd.autoindex.enable on

httpd.bypass_traverse_checking off

httpd.enable on

httpd.ipv6.enable off

httpd.log.format common

httpd.method.trace.enable on

httpd.rootdir /vol/rdstorage1/

httpd.timeout 900

httpd.timewait.enable off

cifs.LMCompatibilityLevel 1

cifs.audit.account_mgmt_events.enable on

cifs.audit.autosave.file.extension

cifs.audit.autosave.file.limit 0

cifs.audit.autosave.onsize.enable off

cifs.audit.autosave.onsize.threshold 75%

cifs.audit.autosave.ontime.enable off

cifs.audit.autosave.ontime.interval 1d

cifs.audit.enable off

cifs.audit.file_access_events.enable on

cifs.audit.liveview.allowed_users

cifs.audit.liveview.enable off

cifs.audit.logon_events.enable on

cifs.audit.logsize 1048576

cifs.audit.nfs.enable off

cifs.audit.nfs.filter.filename

cifs.audit.saveas /etc/log/adtlog.evt

cifs.bypass_traverse_checking on

cifs.client.dup-detection ip-address

cifs.comment Storage Comment

cifs.enable_share_browsing on

cifs.gpo.enable off

cifs.gpo.trace.enable off

cifs.grant_implicit_exe_perms off

cifs.guest_account

cifs.home_dir_namestyle ntname

cifs.home_dirs_public_for_admin on

cifs.idle_timeout 1800

cifs.ipv6.enable off

cifs.max_mpx 50

cifs.ms_snapshot_mode xp

cifs.netbios_aliases XXX.XXX.XXX.XXX

cifs.netbios_over_tcp.enable on

cifs.nfs_root_ignore_acl off

cifs.oplocks.enable on

cifs.oplocks.opendelta 0

cifs.per_client_stats.enable off

cifs.perm_check_ro_del_ok off

cifs.perm_check_use_gid on

cifs.preserve_unix_security off

cifs.restrict_anonymous 0

cifs.restrict_anonymous.enable off

cifs.save_case on

cifs.scopeid

cifs.search_domains

cifs.show_dotfiles on

cifs.show_snapshot on

cifs.shutdown_msg_level 2

cifs.sidcache.enable on

cifs.sidcache.lifetime 1440

cifs.signing.enable off

cifs.smb2.client.enable off

cifs.smb2.durable_handle.enable on

cifs.smb2.durable_handle.timeout 16m

cifs.smb2.enable off

cifs.smb2.signing.required off

cifs.snapshot_file_folding.enable off

cifs.symlinks.cycleguard on

cifs.symlinks.enable on

cifs.trace_dc_connection on

cifs.trace_login off

cifs.universal_nested_groups.enable on

cifs.weekly_W2K_password_change off

cifs.widelink.ttl 10m

I´ve tried to change some values unsuccessfully.

Do you have any tip about the problem?

Regards,

Leonardo Maia

muhammad_i_pasha · ‎2011-07-13

Share permissions only come into effect when you access data through that share. Have you tried NTFS permissions?

View solution in original post

muhammad_i_pasha · ‎2011-07-13

Share permissions only come into effect when you access data through that share. Have you tried NTFS permissions?

leonardo_m · ‎2011-07-13

Yes, it worked fine with the NTFS permissions.

I thought that DATA ONTAP Share Configurations should works with the HTTP authentication, however in my case, the HTTP authentication only worked properly with the NTFS permissions.

Thank you!