ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

Is CVE-2021-42287's updates compatible with ONTAP 9?

JOEY_STORAGE
‎2021-11-15 04:56 AM
4,424 Views

In November 9 2021, Microsoft release a monthly security update, which imporves authentication safaty described in CVE-2021-42287

 

I have a test in NAS lab:

1. Windows server 2019( with KB5007206): Set PacRequestorEnforcement registry value to “2” (Enforcement phase)

2. Ontap simulater 9.8P7: A SVM join AD domain with administator

 

It returns "join failed".

 

20211115-netapp-join-ad-domain-failed.png

Trace packet shows an error about KPASSWD, seems that initiate the password of machine account

JOEY_STORAGE_1-1636980840248.png

 

 

1 ACCEPTED SOLUTION

andris
NetApp
‎2022-05-28 11:09 AM
3,038 Views

Closing the loop... this issue is tracked by Bug 1465232 - CIFS password change operation might fail.

There are ONTAP fixes in various branches, as well as a workaround if an ONTAP upgrade is not possible at this time.

View solution in original post

0 Kudos
3 REPLIES 3

paul_stejskal
NetApp
‎2021-11-15 07:13 AM
4,374 Views

I am checking with NAS. Please open a case. This is news to us because there are zero cases on this, but good looking out.

 

Post the case # when done.

JOEY_STORAGE
‎2021-11-15 07:12 PM
4,308 Views
Hi,
Case # 2008980660 is here, please update the Cause&Solution soon in KB
 
 
Thanks
0 Kudos

andris
NetApp
‎2022-05-28 11:09 AM
3,039 Views

Closing the loop... this issue is tracked by Bug 1465232 - CIFS password change operation might fail.

There are ONTAP fixes in various branches, as well as a workaround if an ONTAP upgrade is not possible at this time.

0 Kudos
All Community Forums
Public