ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

when mounting CIFS on linux

cheese123
Friday
164 Views

after mounting a CIFS share on a linux system (rhel8, fully patched) i sometimes get:

 

 CIFS: VFS: sign fail cmd 0x8 message id 0x107ebf
 CIFS: VFS: \\FILER\SHARE SMB signature verification returned error = -13

 

the mount seems to work, but i dont know if this is true for every access.

 

there exists an KB article at https://kb.netapp.com/on-prem/ontap/da/NAS/NAS-KBs/SAMBA_Client_returns_SMB_signature_verification_error

 

where i'm advised to use nfs instead.

seriously?

CIFS and NFS are NOT interchangeable. eg. complex permission sets dont translate from one to another.

 

there seems to be an old KB at https://www.suse.com/support/kb/doc/?id=000020670

where suse recommended to upgrade from 9.5.P13 to ontap 9.5P14

maybe just a similar error, and not the same. hopefully not the same 🙂

I dont have any clue which bug/feature was fixed in 9.5.P14

 

 

0 Kudos
2 REPLIES 2

parisi
A-Team Tech Advisor A-Team Tech Advisor
Friday
122 Views

"sign fail" sounds like your domain controller or CIFS server requires SMB signing and the Linux SMB client either doesn't support it or can't perform signing properly. A packet capture would likely show that.

 

I would start down that path. Workarounds would be to disable signing (perhaps via smb.conf?) or to try using krb5 as a mount option in the SMB mount, as shown here:

 

Mounting ONTAP CIFS/SMB shares with Linux – Guidelines and tips | Why Is The Internet Broken?

 

If the Linux client is not domain joined, I would suggest doing that as well.

0 Kudos

cedric_renauld
yesterday
38 Views

Hello

Your Linux is the only client for this share ?

I think your SVM is registered in an AD ... have you patched this AD last month ?

You can cehck this KB: https://kb.netapp.com/Support_Bulletins/Customer_Bulletins/SU530

And the SMB version you use in the linux client, but be aware, the first ONTAP patch version is 9.7Pxx ...

Mabt try to see wich type of connection you have on the SVM :

vserver cifs session show -node <node_name> -vserver <vserver_name> -fields auth-mechanism

https://kb.netapp.com/on-prem/ontap/OHW/OHW-KBs/How_Authentication_Mechanism_of_established_CIFS_session_can_be_identified

0 Kudos
Announcements
All Community Forums
Public