NetApp Knowledge Base

Is LDAP authentication performed every time NFS or CIFS access occurs?

Category:
ontap-9
Specialty:
nas
Applies to

ONTAP 9

Answer

No, LDAP authentication is not performed every time NFS or CIFS access occurs.

  • LDAP Authentication for NFS and CIFS Access: 
    • LDAP authentication is not performed every time NFS or CIFS access is requested. 
    • ONTAP uses LDAP caching to improve performance. 
    • User and group information retrieved from LDAP is cached for a certain period. 
    • During this cache validity period, ONTAP does not re-query the LDAP server. 
    • LDAP authentication occurs when the cache expires or when accessing information not present in the cache.
  • Specifying LDAP Servers: 
    • Multiple LDAP servers can be specified for ONTAP by configuring the LDAP client settings. 
    • ONTAP attempts to connect to the LDAP servers in the order they are listed. 
    • If the first server does not respond, ONTAP fails over to the next server in the list. 
    • Fine-grained control to always use a specific LDAP server is not possible; ONTAP will always try the servers in the specified order.
  • Checking LDAP Server Status: 
    • In a production environment, ONTAP attempts to connect to servers in the order in which they are registered.
    • When the vserver services name-service ldap check command is executed, ONTAP does not follow the configured order; instead, the system selects the server with the smallest IP address among those registered and performs the connection check on that server.
    • To check the status of the other LDAP servers, perform an individual connection test against each server.
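
The gap described above, as an added example that is not NetApp code: it marks which configured server the check command would pick and runs a TCP reachability probe against every server in the list. Assumptions: the addresses are constructed samples, "smallest IP address" is taken to mean the numerically lowest address, port 389 is used, and the probe runs from an admin host, so it shows reachability from that host rather than from the SVM.

```python
import ipaddress
import socket

# Constructed sample: LDAP servers in the order configured on the LDAP client.
CONFIGURED_SERVERS = ["192.0.2.20", "192.0.2.5", "192.0.2.130"]


def check_command_target(servers):
    """Server the check command would pick, assuming 'smallest IP address'
    means the numerically lowest address (an assumption, not confirmed)."""
    return str(min(ipaddress.ip_address(s) for s in servers))


def probe(host, port=389, timeout=2.0):
    """Return (reachable, detail) for a plain TCP connect to host:port.
    This tests reachability only; it does not perform an LDAP bind."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True, "tcp connect ok"
    except OSError as exc:
        return False, f"{type(exc).__name__}: {exc}"


def coverage_report(servers, port=389, timeout=2.0):
    """Probe every server in configured order and flag the check target."""
    target = check_command_target(servers)
    report = []
    for position, host in enumerate(servers, start=1):
        reachable, detail = probe(host, port, timeout)
        report.append({
            "order": position,
            "server": host,
            "used_first_in_production": position == 1,
            "tested_by_check_command": host == target,
            "reachable": reachable,
            "detail": detail,
        })
    return report


if __name__ == "__main__":
    for row in coverage_report(CONFIGURED_SERVERS):
        print(row)
```

In the sample list the server tried first in production (192.0.2.20) is not the one the check command would test (192.0.2.5), so a passing check alone says nothing about the first-listed server.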
