We are experiencing a vexing delay when users on non-domain-joined Windows workstations attempt to connect to shares on our filers using a UNC share path. For example, if a user goes to start->run on Windows XP and enters the path "\fileserver\sharename", they will see a delay ranging from two to ten minutes before they get an authentication prompt. Once authenticated to the server, there are no performance problems. If connecting using named credentials (either using the GUI "map network drive", or a command line "net use" command), this delay does not occur.
We did an awful lot of troubleshooting. Eventually we turned on cifs login tracing (options cifs.trace_login on) and found the following revealing entry in our logs: toast: auth.trace.authenticateUser.loginTraceMsg:info]: AUTH: Delaying the response by 5 seconds due to continuous failed login attempts by user administrator of domain <WORKSTATION> from client machine <IP Address>.
It appears that the Windows client is generating more login attempts than the filer thinks should be allowed! However, I have no ability to change the behavior of unmanaged Windows workstations, so I need to tune this from the server side.
Does anyone know how to change the number of consecutive login failures allowed by the filer? What about changing duration of the delay?
I have a case open with NetApp on this one, but they have not been able to provide answers so far.
-Greg Mackinnon University of Vermont