ONTAP Discussions
ONTAP Discussions
We have v8.2.5P1 version of 7Mode, and (nervously) decided to disable SMBv1 options recently.
smb1.enable no no
smb1.client.enable no no
Everything seemed OK for a while until the NetApp lost connectivity to the DC and CIFS access was lost.
Any idea why we saw the delayed connectivity issues and is there a setting we missed to resolve this?
Solved! See The Solution
Microsoft deprecated SMBv1 in 2013. Newer operating systems will have SMBv1 disabled by default.
The filer will use SMB1 as default. The below option will enable smb2 connection with the DC.
options cifs.smb2.client.enabled
CIFS fails after upgrade to domain controllers for Data ONTAP 8 7-Mode
Sure. Those options do not take effect until the CIFS/SMB server is restarted.
Probably should upgrade to 8.2.5P5 for the CIFS/SMB NetLogon Secure channel fixes.
To clarify we re-enabled SMBv1 which reinitiated the connections and everything was back as before.
To ask a slightly separate question I see there is the ability to control what SMB version is used with domain controllers for authentication.
cifs.smb2.client.enable
However I can't see that option on our version of NetApp (8.2.5P1), is this a privileged set option does anyone know?
Thanks .
there are a number of cifs security fixes in the LATEST patch release. Upgrade to 8.2.5P5
That option I mentioned is not available until at least 8.2.5P4. Upgrade and read the link I sent in the last post.
Microsoft deprecated SMBv1 in 2013. Newer operating systems will have SMBv1 disabled by default.
The filer will use SMB1 as default. The below option will enable smb2 connection with the DC.
options cifs.smb2.client.enabled
CIFS fails after upgrade to domain controllers for Data ONTAP 8 7-Mode