Hi Eugene

Thanks for reply

We are 8.1.1 RC 7 mode

Good luck with your install

I would open this with support, which I will do on Tuesday but thought it was a good one to air and share

My main thing is to minimise or make sure I make the right change to the netapp

Thanks in advance for any insight you can share

Hi

No I didn’t get this resolved

Here is what I learnt

Netapp don’t yet support win10 (hey it’s only been around 12 months in beta, you have to give these guys time)

You can’t cripple the SMB3 requirement in win 10, like you can in win8 and server 2012 – that I think is the core issue – the reg value is explicitly rejected by win 10, the reg value I am talking about is below – you can create any other value in that key, for example ‘bacon’ and set it to a value of 1, but not requiresecurenegotiate it gets rejected

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 –Force

I have posted on windows insider to say hey, thanks guys but give us a choice please

I ultimately due to commercial pressure, downgraded the client, something I was not happy about as I hate reversing progress, but have kept a test client on to get to the bottom of it

Options are

to upgrade our netapp, to the latest and greatest to support smb 3 globally (no bad thing but a significant task)

Wait for something from MS to allow disabling the SMB 3 requirement

HTH

Hi,

After some more personal digging around (my support ticket was getting nowhere fast) I have managed to successfully browse CIFS shares on my snapmirror filer at our DC.

To do this I had to enable cifs signing and bounce the cifs service.

FILER> cifs terminate

CIFS local server is shutting down...

CIFS local server has shut down...
FILER> options cifs.signing.enable on
FILER> cifs restart
CIFS local server is running.
Can't set cifs branchcache server secret.

This filer is running 8.1.4P1 7-Mode

This weekend we have a full power shutdown at our production site so I will try this on power up. It's so hard to get the users to close down their connections!!!!

One thing I did notice though. The filer does not show the W10 client using security signatures - output from cifs sessions -t

Using domain authentication. Domain type is Windows 2000.
Root volume language is not set. Use vol lang.
Number of WINS servers: 0
Total CIFS sessions: 1
CIFS open shares: 1
CIFS open files: 0
CIFS locks: 3
CIFS credentials: 1
IPv4 CIFS sessions: 1
IPv6 CIFS sessions: 0
Cumulative IPv4 CIFS sessions: 26383
Cumulative IPv6 CIFS sessions: 0
CIFS sessions using security signatures: 0

Will post results from production environment after the weekend

Damit geht es mit einer 8.1 7-Mode:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"EnablePlainTextPassword"=dword:00000000
"EnableSecuritySignature"=dword:00000001
"RequireSecuritySignature"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
  00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
  77,00,6b,00,73,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00
"ServiceDllUnloadOnStop"=dword:00000001
"OtherDomains"=hex(7):00,00
"AllowInsecureGuestAuth"=dword:00000001

Hi

Just tested this on my W10 VM and it works connecting to CIFS on 8.1P1 7Mode.

You are a star, thank you.

Steve

Thanks you sir!  The perfect one off fix!

it works ! Thanks everybody

Note: This a bug in the OnTap 7.37P3 Version. 

RequireSecuritySignature is not required to be On or 00000001 in OnTap 8.1.2 7-Mode

With the above on, you cut your speed in 1/2 when writing to the Netapp.

Because Version 7 is no longer supported, Netapp has no desire to fix it.  If you are still using the older Filers, namely the FAS2020's, you'll see this problem.

Having said that, Netapp is still the best!!!!!!!!!!!

same problem here , did you manage to solve the problem ?

seems to work here with      cifs.audit.enable            on