Skip to main content
NetApp Knowledge Base

CIFS domain password schedule Q&A

Views:
1,532
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9
  • CIFS

Answer

  • Since the schedule is disabled by default, what are the risks/impacts to get it enabled ?

No impact is expected assuming all systems (cluster, domain controller) are working correctly.

  • Why is cifs domain password schedule not automatically enabled after CIFS server is created ?
              It was determined to be the default behaviour.
  • Will existing CIFS sessions be cut when the passwords are being reset ?
This feature is related to change password of the SVM’s machine account which is used to communicate with the DC,  existing CIFS sessions are not affected by this change
  • Will new CIFS sessions fail when the passwords are being reset ?
Depending on the authentication method it could lead to a delay in the client authentication (and maybe an authentication failure if the client needs to renew the kerberos ticket to access)
  •  Is there any risk of burst/fail if all requests are send at the same time for all CIFS servers across the organization ?
               There is a random interval added on every password change schedule to avoid to overload the DCs with this activity
  • What can happen if a password cannot be changed for a specific CIFS server during the defined time window ?
If the machine account password change fails the SVM is no longer able to communicate properly with the DC so the client authentication may fail
NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.