Hello,
I am running Ontap 7.1.2.1 with CIFS, and trying to figure out a way to authenticate users locally using the Filer. I only manage 5-10, so I don't want to use an external Active Directory or NIS.
I have followed http://www.netapp.com/library/tr/3358.pdf (CIFS File Services in a DMZ Environment), but couldn't make it work.
I have configured authentication mode to Workstation: WinNT, and remove the default user mapping of Unix to Win and Win to Unix. I have also created a new group (using useradmin tool) with a "none" role and added a user to this group. All authentication requests from a Win2003 or WinXP, using the local user have failed.
Have anyone setup a Filer to work in a similar configuration ? What am I missing ?
Thanks.
Roger:
I think you're on the right track. Set up cifs in workgroup mode with filer account authentication. Then put the non-admin users into a group with no login privledges. Users will most likely be prompted when they first connect to the filer to enter a login and password, but that's normal in workgroup mode.
You can still debug authentication issues with the cifs.trace_login option.
-- Adam Fox adamfox@netapp.com
-----Original Message----- From: Roger G [mailto:ro_gi@msn.com] Sent: Thursday, November 08, 2007 3:03 PM To: toasters@mathworks.com Subject: CIFS File Services with local filer authentication
Hello,
I am running Ontap 7.1.2.1 with CIFS, and trying to figure out a way to authenticate users locally using the Filer. I only manage 5-10, so I don't want to use an external Active Directory or NIS.
I have followed http://www.netapp.com/library/tr/3358.pdf (CIFS File Services in a DMZ Environment), but couldn't make it work.
I have configured authentication mode to Workstation: WinNT, and remove the default user mapping of Unix to Win and Win to Unix. I have also created a new group (using useradmin tool) with a "none" role and added a user to this group. All authentication requests from a Win2003 or WinXP, using the local user have failed.
Have anyone setup a Filer to work in a similar configuration ? What am I missing ?
Thanks.
-- View this message in context: http://www.nabble.com/CIFS-File-Services-with-local-filer-authentication -tf4773227.html#a13654632 Sent from the Network Appliance - Toasters mailing list archive at Nabble.com.
You used to have to enable "plaintextpasswords" on all the windows clients without a domain. I am not sure if NetApp changed that or not (I think they may have, but that may also have been in 7.2.x)
--tmac
On 11/8/07, Roger G ro_gi@msn.com wrote:
Hello,
I am running Ontap 7.1.2.1 with CIFS, and trying to figure out a way to authenticate users locally using the Filer. I only manage 5-10, so I don't want to use an external Active Directory or NIS.
I have followed http://www.netapp.com/library/tr/3358.pdf (CIFS File Services in a DMZ Environment), but couldn't make it work.
I have configured authentication mode to Workstation: WinNT, and remove the default user mapping of Unix to Win and Win to Unix. I have also created a new group (using useradmin tool) with a "none" role and added a user to this group. All authentication requests from a Win2003 or WinXP, using the local user have failed.
Have anyone setup a Filer to work in a similar configuration ? What am I missing ?
Thanks.
-- View this message in context: http://www.nabble.com/CIFS-File-Services-with-local-filer-authentication-tf4... Sent from the Network Appliance - Toasters mailing list archive at Nabble.com.
You only have to do that if you are using /etc/passwd or NIS as the authentication source. If you use filer accounts, you don't need to do this. This has been true since sometime in ONTAP 6.
-- Adam Fox adamfox@netapp.com
________________________________
From: tmac [mailto:tmacmd@gmail.com] Sent: Thursday, November 08, 2007 3:25 PM To: Roger G Cc: toasters@mathworks.com Subject: Re: CIFS File Services with local filer authentication
You used to have to enable "plaintextpasswords" on all the windows clients without a domain. I am not sure if NetApp changed that or not (I think they may have, but that may also have been in 7.2.x)
--tmac
On 11/8/07, Roger G ro_gi@msn.com wrote:
Hello, I am running Ontap 7.1.2.1 with CIFS, and trying to figure out a way to authenticate users locally using the Filer. I only manage 5-10, so I don't want to use an external Active Directory or NIS. I have followed http://www.netapp.com/library/tr/3358.pdf (CIFS File Services in a DMZ Environment), but couldn't make it work. I have configured authentication mode to Workstation: WinNT, and remove the default user mapping of Unix to Win and Win to Unix. I have also created a new group (using useradmin tool) with a "none" role and added a user to this group. All authentication requests from a Win2003 or WinXP, using the local user have failed. Have anyone setup a Filer to work in a similar configuration ? What am I missing ? Thanks. -- View this message in context: http://www.nabble.com/CIFS-File-Services-with-local-filer-authentication -tf4773227.html#a13654632 Sent from the Network Appliance - Toasters mailing list archive at Nabble.com.
-
Fox, Adam -
Roger G -
tmac