Network and Storage Protocols

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

Unable to connect from Vista (domain member) to filer (workgroup authentication)

aborzenkov
‎2010-05-06 12:28 AM
5,001 Views

I try to setup simulator test bed (sim 7.3.2) on my workplace; this is Vista in domain. I have no way to add simulator to this domain anyway, so it is setup over Vmware host-only interface using workgroup authentication. Unfortunately I am not able to connect to it - I always get password request from Vista interface. I verified using cifs.trace_login that connect request actually comes in and is accepted (i.e. windows user is mapped to valid Unix user). On Vista I see that system tries to connect to simulator but nothing more. I suspect the problem is actually on Vista side (some domain policy settings); I appreciate any hint what could it be. Thank you!

0 Kudos
View By:
6 REPLIES 6

dchilton
NetApp Alumni
‎2010-05-07 11:19 AM
5,001 Views

Have you tried creating a local user account on the filer.  This KB article explains how to do so.

https://now.netapp.com/Knowledgebase/solutionarea.asp?id=kb19794

http://now.netapp.com/NOW/knowledge/docs/ontap/rel733/html/ontap/filesag/frameset.html

Once the local user account is created on the filer; Try connecting to the CIFS share from the Vista account using the credentials of the filer's local user.

Ex. Create user account "vistauser"

Map share using credentials FILERNAME\vistauser with the password that you designated above.

0 Kudos

aborzenkov
‎2010-05-07 11:51 AM
In response to dchilton
5,001 Views 
Have you tried creating a local user account on the filer.

Of course. Sorry for not mentioning it, but I thought it was obvious

I try to map drive using local account on filer (filer_name\administrator). This fails - on client (Vista) side I awlays get password prompt. User is default administrator created during CIFS setup.

0 Kudos

netappnasadmin
‎2010-05-07 06:19 PM
5,001 Views

Hello,

if u can remember u filer installation steps.

did u enable the option 3 ...? during u filer installation steps........

when u enable option 3 & it will prompt to enter password this password can be use to share cifs from u r vm to the local windows vista box...

Selection (1-2)? [1]:
CIFS requires local /etc/passwd and /etc/group files and default files
will be created. The default passwd file contains entries for 'root',
'pcuser', and 'nobody'.
Enter the password for the root user []:
Retype the password:
The default name for this CIFS server is 'SRIRAM'.
Would you like to change this name? [n]:
Data ONTAP CIFS services support four styles of user authentication.
Choose the one from the list below that best suits your situation.

(1) Active Directory domain authentication (Active Directory domains only)
(2) Windows NT 4 domain authentication (Windows NT or Active Directory domains)
(3) Windows Workgroup authentication using the filer's local user accounts
(4) /etc/passwd and/or NIS/LDAP authentication

Selection (1-4)? [1]: 4
What is the name of the Workgroup? [WORKGROUP]:
CIFS - Starting SMB protocol...
Welcome to the WORKGROUP Windows(R) workgroup

CIFS local server is running.


Password:

0 Kudos

aborzenkov
‎2010-05-08 07:04 AM
In response to netappnasadmin
5,001 Views

If that was question, I am sorry but I missed it.

Yes, I created local administrator user during cifs setup, I used option 3 as indicated in subject and I assigned password to administrator user.

0 Kudos

eric_barlier
‎2010-05-09 07:42 PM
In response to aborzenkov
5,001 Views

Hi,

Your vista box is in workgroup <workgroup> I assume?  What does this give: <cifs domaininfo>?

show us your

options wafl

as well please.

Eric

0 Kudos

aborzenkov
‎2010-05-10 01:10 AM
5,001 Views

For the record (because it was something new to me).

First, I had problems accessing administrative shares (c$, etc$); I could access other shares. Sorry for not mentioning that.

Initially this simulator was setup using /etc/passwd authentication. In this mode administrative shares get set to no access at all:

ETC$         /etc                              Remote Administration
                        ** priv access only **

ntapcs3954 states:

only root or administrator  on the filer may access the particular shares

As far as I can tell, that is true for all shares, except administrative shares. For these two particular shares I get the following behaviour:

  • if root volume is set to unix security, I cannot even connect to share, I always get password request
  • if root volume is set to ntfs security, I am able to connect but am not able to access directory in any way

I repeat - this happens only for c$ and etc$, only if security for etc$ and/or c$ is set to No Access which happens only if you configure filer to use password authentication. If filer is initially set to workgroup or better, access is automatically set to BUILTIN\Administrators Full Control. But part of problem is, re-running cifs setup does not change existing shares (unless you have deleted them), so even though I had changed filer to workgroup shares remained stuck in No Access mode.

So it looks like either a bug or some undocumented feature. If it works as intended, would be nice if someone updated ntapcs3954 to clearly state it.

0 Kudos
All Community Forums
Public