Skip to main content
NetApp Knowledge Base

What's the impact of using 'SYSTEM' authentication of a service when accessing SMB Shares

not set
not set
Last Updated:

Applies to

  • ONTAP 9
  • Windows Services




  • If the account uses NTLM then each cifs session will require the SMB server to reach out to the domain controller (DC) to validate the credentials passed
    • This service is called RPC_NETLOGON, ONTAP will open a connection to the DC to pass the creds via netlogon
  • If the cifs session is not reused, each file operation will open a new cifs session and require credential validation via the DC
    • A service that reads {x} files will cause {x} password validations from the SMB server to the DC (very taxing)
  • This issue compounds exponentially when the DC begins to slow down from the excess validation, resulting in SECD failures.


NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.


  • Was this article helpful?