Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

CIFS domain password schedule Q&A

Views:
170
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

Applies to

  • ONTAP 9
  • CIFS

Answer

  • Since the schedule is disabled by default, what are the risks/impacts to get it enabled ?

No impact is expected assuming all systems (cluster, domain controller) are working correctly.

  • Why is cifs domain password schedule not automatically enabled after CIFS server is created ?
              It was determined to be the default behaviour.
  • Will existing CIFS sessions be cut when the passwords are being reset ?
This feature is related to change password of the SVM’s machine account which is used to communicate with the DC,  existing CIFS sessions are not affected by this change
  • Will new CIFS sessions fail when the passwords are being reset ?
Depending on the authentication method it could lead to a delay in the client authentication (and maybe an authentication failure if the client needs to renew the kerberos ticket to access)
  •  Is there any risk of burst/fail if all requests are send at the same time for all CIFS servers across the organization ?
               There is a random interval added on every password change schedule to avoid to overload the DCs with this activity
  • What can happen if a password cannot be changed for a specific CIFS server during the defined time window ?
If the machine account password change fails the SVM is no longer able to communicate properly with the DC so the client authentication may fail
Scan to view the article on your device