Multiple ANONYMOUS LOGON in CIFS session show after enabling encryption

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 264

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

Applies to

ONTAP 9
CIFS/SMB
SMB Encryption

Issue

After enabling encryption, cifs session show reports multiple ANONYMOUS LOGON
Multiple different session-id are created, but connection-id is the same:

node vserver session-id connection-id windows-user files protocol-version is-session-signed smb-encryption-status ----- -------- ------------------- ---------- --------------------------- -- ------ ----- --------- Node1 Vserver1 3151112364572737813 1701772659 AD\John Doe 12 SMB3_1 false encrypted Node1 Vserver1 3151112364572738124 1701772659 NT AUTHORITY\ANONYMOUS LOGON 0 SMB3_1 false encrypted Node1 Vserver1 3151112364572738161 1701772659 NT AUTHORITY\ANONYMOUS LOGON 0 SMB3_1 false encrypted Node1 Vserver1 3151112364572738165 1701772659 NT AUTHORITY\ANONYMOUS LOGON 0 SMB3_1 false encrypted Node1 Vserver1 3151112364572740431 1701772659 NT AUTHORITY\ANONYMOUS LOGON 0 SMB3_1 false encrypted

Packet trace show multiple Null user authentication:

Client null user.png