ONTAP Discussions

Vserver LDAP signing - what is the impact for clients?

kombayn
651 Views

Hello

I need to enable LDAP signing on my CIFS vservers ("Client Session Security" set to "Sign"), but I'm not sure what will be the impact for current users using CIFS shares. Will they be disconnected? Should I also turn on the option "Is Signing Required" to True?

I'm using ONTAP 9.10.1P2

1 ACCEPTED SOLUTION

pedro_rocha
614 Views

I did not find specific answers for your questions.

 

I found this: https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Does_LDAP_signing_affect_applications_which_are_not_secure_LDAP_signin...

 

I understand that this setting does not affect SMB sessions, since it is between CIFS server and LDAP server. You can confirm this with NetApp support.

 

This can help you further also: https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_set_ONTAP_to_use_LDAP_Signing_or_Sealing_for_CIFS%2F%2FNFS

 

 

That setting "is signing required" is regarding SMB signing, not LDAP signing.

View solution in original post

4 REPLIES 4

pedro_rocha
624 Views

Hi,

 

just to make it clear. We are talking abou LDAP signing right? not SMB signing.

kombayn
623 Views

Correct - LDAP signing

pedro_rocha
615 Views

I did not find specific answers for your questions.

 

I found this: https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Does_LDAP_signing_affect_applications_which_are_not_secure_LDAP_signin...

 

I understand that this setting does not affect SMB sessions, since it is between CIFS server and LDAP server. You can confirm this with NetApp support.

 

This can help you further also: https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_set_ONTAP_to_use_LDAP_Signing_or_Sealing_for_CIFS%2F%2FNFS

 

 

That setting "is signing required" is regarding SMB signing, not LDAP signing.

kombayn
488 Views

Thanks for your advice. I've enabled LDAP signing and no user called me that he lost connection to his share - so I can confirm that there is no impact for existing CIFS sessions.

Public