Network and Storage Protocols
We have a problem in a customers environment that clients that are not in the same Active Directory cannot get access to cifs shares.
The error at the Ontap 8.1.1P1 7-Mode-Cli is as follows:
Tue Jan 22 09:08:30 CET [netapp1:auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Connection with \\APEFF established.
Tue Jan 22 09:08:30 CET [netapp1:auth.trace.authenticateUser.loginRejected:info]: AUTH: Login attempt by user rejected by the domain controller with error 0xc0000022: STATUS_ACCESS_DENIED.
Clients from inside the AD can access the shares, but the others cannot. I think this can be a problem caused by a GPO in the 2008-AD?!?!
Thanks for your replies!
See The Solution
Hi! I have already tried this option, but with no success.
Yesterday I tried a dcdiag on the first discovered and preferred DC and the log showed me several errors.
So I changed the preferred DC to the second DC and now everything works fine.
I recommended the customer to reinstall the corrupted DC.
Many thanks for your help!
View solution in original post
Have you tried this one?
To avoid this issue, disable SMB 2.x on the system by entering the following command:
options cifs.smb2.client.enable off
Live Chat, Watch Parties, and More!
Engage digitally throughout the sales process, from product discovery to conﬁguration, and handle all your post-purchase needs.