Oy, the amount of time this beauty gets asked - by Windows guys as well as storage guys. So, in the spirit of the usual "if it's here I can find it again" here's the skinny on NTLM & Kerberos authentication to NetApp systems for Windows NAS (CIFS (SMB)) access.
If you have a NOW account click here which says on the storage controller to execute:
Options cifs.LMCompatibilityLevel (1,2,3,4,5)
where:
1 - Accepts LM, NTLM, NTLMv2 session security, NTLMv2, Kerberos.
2 - Accepts NTLM, NTLMv2 session security, NTLMv2, Kerberos.
3 - Accepts NTLMv2 session security, NTLMv2, Kerberos.
4 - Accepts NTLMv2, Kerberos.
5 - Accepts Kerberos only.
As you can see, if you're in a secure environment there's every chance that as soon as you put the FAS into an Active Directory domain you're going to hike the number up to a five, or a four at worst. Obviously you need to check with the Active Directory staff to ensure that your methods match the group policy in place
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment