Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

What does the kerberos.check_transited_list.enable option do?

Views:
126
Visibility:
Public
Votes:
0
Category:
data-ontap-8
Specialty:
cifs
Last Updated:

Applies to

  • Data ONTAP 8 7-mode
  • CIFS/SMB
  • Kerberos

Answer

  • This option allows support for cross-realm transitive trusts
  • Allows for verification of the Transited List
    • Contains a list of transited domains
    • Allows authentication if a transited domain is trusted by the current domain of the 7-mode CIFS Server
      • cifs domaininfo provides the current domain
      • The list of trusted domains must be obtained from the Active Directory Server

Additional Information

  • Transited Lists are not necessary if trust exists between all domains accessing the system
  • If checking the Transited List fails, the option may be disabled
    • kerberos.check_transited_list.enable off

 

Scan to view the article on your device