The transition to NetApp MS Azure AD B2C is complete. If you missed the pre-registration, you will be invited to reigister at next log in.
Please note that access to your NetApp data may take up to 1 hour.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

ONTAP Discussions

Cifs Issue 2012 AD DOT 8.2P5

graemeharney

Hi...I have a case logged but I thought I would ask here...

Running C-Mode 8.2P5

We are having an issue with CIFS and 2012 Domain Local groups. Our Domain is Server 2012, with a Trusted 2003 Domain.

I create a domain local group in the 2012 domain and add an account from the trusted 2003 domain and an account from the 2012 domain

I add this group onto a folder that and give it full control.

When I access he folder with the 2003 account, it works fine. When I try to access using the 2012 account I get a 'handle is invalid error' / access is denied

If I remove the 2003 account from the group and make the group type universal, the 2012 account can then browse the folder.

I Have replciated the error in out production and test environments

Any ideas ?

TIA

1 ACCEPTED SOLUTION

graemeharney

Yes, We have hita bug that is fixed in 8.2.1, It related to resource SID compression. there is a microsoft KB about it as well

http:/support.microsoft.com/kb/2774190      ....or

http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=649280

We have used the fix in the mircosoft article to resolve the problem for now....we eill be upgrading to 8.2.2 once it is GA

View solution in original post

2 REPLIES 2

DOMINIC_WYSS

Kerberos tokens come to my mind. there are still bugs in cDOT with them.

try to access the share over an alias (either in DNS or hosts file on 2012). if it works, then it's a Kerberos issue (because it will fall back to NTLM authentication).

one Kerberos bug has been fixed in 8.2.1(P2?) and another one about 16k Kerberos token size will be fixed in 8.2.2 (you have domain trusts so you may have big token sizes).

graemeharney

Yes, We have hita bug that is fixed in 8.2.1, It related to resource SID compression. there is a microsoft KB about it as well

http:/support.microsoft.com/kb/2774190      ....or

http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=649280

We have used the fix in the mircosoft article to resolve the problem for now....we eill be upgrading to 8.2.2 once it is GA

View solution in original post

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public