Effective December 3, NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources.
For accounts that did not pre-register (prior to Dec 3), access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

Simulator Discussions

Accessing vFiler via CIFS on Simulator with LDAP/passwd

MEGSKYWALKER

Hello,

 

I've got the problem that I can't access my vFilers on simulators via cifs. Problem occured on 7.3.6 sim and on 8.2.1 sim.

 

Error Samba:

Server requested LM password but 'client plaintext auth = no' or 'client ntlmv2 auth = yes'

Error Windows:

The account is not authorized to log in from this station.

 (I'm not able to enter any credentials)

 

CIFS options:

cifs.LMCompatibilityLevel    1
cifs.W2K_password_change     off
cifs.W2K_password_change_interval 4w
cifs.W2K_password_change_within 1h
cifs.audit.account_mgmt_events.enable off
cifs.audit.autosave.file.extension
cifs.audit.autosave.file.limit 0
cifs.audit.autosave.onsize.enable off
cifs.audit.autosave.onsize.threshold 75%
cifs.audit.autosave.ontime.enable off
cifs.audit.autosave.ontime.interval 1d
cifs.audit.enable            off
cifs.audit.file_access_events.enable on
cifs.audit.liveview.allowed_users
cifs.audit.liveview.enable   off
cifs.audit.logon_events.enable on
cifs.audit.logsize           524288
cifs.audit.nfs.enable        off
cifs.audit.nfs.filter.filename
cifs.audit.saveas            /etc/log/adtlog.evt
cifs.bypass_traverse_checking on
cifs.comment
cifs.gpo.enable              off
cifs.gpo.trace.enable        off
cifs.grant_implicit_exe_perms off
cifs.guest_account
cifs.home_dir_namestyle
cifs.idle_timeout            1800
cifs.ipv6.enable             off
cifs.max_mpx                 50
cifs.ms_snapshot_mode        xp
cifs.netbios_aliases
cifs.netbios_over_tcp.enable on
cifs.nfs_root_ignore_acl     off
cifs.oplocks.enable          on
cifs.oplocks.opendelta       0
cifs.per_client_stats.enable off
cifs.perfmon.allowed_users
cifs.perm_check_ro_del_ok    off
cifs.perm_check_use_gid      on
cifs.preserve_unix_security  off
cifs.restrict_anonymous      0
cifs.restrict_anonymous.enable off
cifs.rpcfd_timeout           0
cifs.save_case               on
cifs.scopeid
cifs.search_domains
cifs.show_snapshot           off
cifs.shutdown_msg_level      2
cifs.sidcache.enable         on
cifs.sidcache.lifetime       1440
cifs.signing.enable          off
cifs.smb2.enable             on
cifs.smb2.signing.required   off
cifs.smb2_1.branch_cache.enable off
cifs.snapshot_file_folding.enable off
cifs.symlinks.cycleguard     on
cifs.symlinks.enable         on
cifs.trace_dc_connection     off
cifs.trace_login             off
cifs.universal_nested_groups.enable on
cifs.widelink.ttl            10m

 Anything missing?

 

THX for help,

meg

 

4 REPLIES 4

shatfield

ipspace list

vfiler status -r

 

Is the vfiler running? 

Can you Ping its ip address?

 

Is cifs running in the vfiler?

vfiler run <vfiler> cifs restart

 

Is anything shared?

vfiler run <vfiler> cifs shares

 

Is it a member of a domain?

vfiler run <vfiler> cifs domaininfo

 

If so, can it talk to the DC?

vfiler run <vfiler> cifs testdc

 

were those options from the vfiler?

vfiler run <vfiler> options cifs

 

MEGSKYWALKER

ipspace list

vfiler status -r


 Not possible within a vfiler.

 


Is the vfiler running? 

Can you Ping its ip address?


 Sure, I'm on it. Everything work (ssh, sftp etc.) except cifs.

 


Is cifs running in the vfiler?

vfiler run <vfiler> cifs restart


 test@rz-vm210> cifs restart
 CIFS is already running.

 


Is anything shared?

vfiler run <vfiler> cifs shares


 cifs shares
Name Mount Point Description
---- ----------- -----------
ETC$ /vol/test/etc Remote Administration
** priv access only **
HOME /vol/test/home Default Share
everyone / Full Control
C$ / Remote Administration
meg / Full Control 

 


Is it a member of a domain?

vfiler run <vfiler> cifs domaininfo


 Nope. LDAP.

 


If so, can it talk to the DC?

vfiler run <vfiler> cifs testdc


 see above.

 


were those options from the vfiler?

vfiler run <vfiler> options cifs 


see first post

shatfield

does it work if you run cifs in workgroup mode?

 

Guessing the problem is ldap related.

 

MEGSKYWALKER

@shatfield wrote:

does it work if you run cifs in workgroup mode?

 

Guessing the problem is ldap related.

 


You guest right. So I have to change the topic.

Why it didn't work with /etc/passwd and/or ldap?

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public