ONTAP Discussions

Can't access CIFS shares after moving from AD domain to Workgroup

emilysam1
4,290 Views

We have a FAS2700 that until recently had been connected to an AD domain with a CIFS  SVM and several shares created.  After the network was decommissioned due to the office closing, it was realized there was some data left on the NetApp that had not been migrated.  I've successfully reconfigured the networking and have connectivity to the netapp.  I also modified the vserver to change the authentication from AD domain to a workgroup  (I had to deleted the LDAP client to allow that to change to complete).  The CIFS server is showing that it is up and I can ping it just fine.  However, I can't access any of the existing shares by IP address.   I tried to delete the DNS information since there is no DNS server on this network anymore but I couldn't delete it in the GUI interface.   Any advice for how I can get access to these shares would be greatly appreciated.  A related question - if I delete the existing shares, will the data that is currently stored on those shares also get deleted or could I delete the shares and create new ones that point to the same storage location?

1 ACCEPTED SOLUTION

emilysam1
4,185 Views

Thanks to those who replied.  Turned out when I created the LIF I didn't specify the data protocol as CIFS.  When looking at it again, it was set to NONE.  I deleted the LIF and recreated it with the -data-protocol CIFS parameter and now it's working fine.   

View solution in original post

3 REPLIES 3

mrahul
4,220 Views

You can move a SMB server from a workgroup to an Active Directory domain, from a workgroup to another workgroup, or from an Active Directory domain to a workgroup by using the vserver cifs modify command.

 

Please cross check your actions with steps mentioned in  https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-cifs%2FGUID-4730A5FA-ECBF-4A62-9595-C9CD99CCC270.html

 

jcolonfzenpr
4,199 Views

I had a costumer with a similar problem and the resolution for them where:

 

1. Define local user in the storage (Use to authenticate to the SVM SHARE)

2. Delete the SVM OLD Computer Object from AD (something related to SPN)

3. Through troubleshooting found an issue with NTLM disabled in their Domain. (Ontap Workgroup only support NTLM and not Kerberos.). They use a Windows Computer not joined to the Domain to access the SHARE content.

 

https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-cifs%2FGUID-861C90E9-A8B2-405C-9020-0C38679BD72B.html

 

Good Luck. 

Jonathan Colón | Blog | Linkedin

emilysam1
4,186 Views

Thanks to those who replied.  Turned out when I created the LIF I didn't specify the data protocol as CIFS.  When looking at it again, it was set to NONE.  I deleted the LIF and recreated it with the -data-protocol CIFS parameter and now it's working fine.   

Public