Fpolicy fails to Register on 7-Mode CIFS with KRB5KRB_AP_ERR_MODIFIED due to CrowdStrike
Applies to
- Data ONTAP 7-Mode
- CrowdStrike
- CIFS
Issue
- Enabling Fpolicy causes latency on CIFS access, the following messages may be seen in
etc/messages
logs
[fpolicy:cifs.server.errorMsg:error]: CIFS: Error for
server \\<VSERVER>: Error while negotiating protocol with server STATUS_IO_TIMEOUT.
[fpolicy:fpolicy.fscreen.server.connectError:error]: FPOLICY: An attempt to connect to fpolicy server \\<VSERVER> for
policy varonis failed [0xc00000b5].
- Packet traces show Fpolicy server reporting
KRB5KRB_AP_ERR_MODIFIED
in response to session setup- A Kerberos SMB2 Session Setup Request SMB2 that is encrypted with
etype: eTYPE-ARCFOUR-HMAC-MD5 (23)
fails with
KRB Error: KRB5KRB_AP_ERR_MODIFIED
- A Kerberos SMB2 Session Setup Request SMB2 that is encrypted with