Thursday, June 1, 2017

Does ONTAP need SMB1? No!

There are some rumors flying around that ONTAP, the OS behind NetApp storage appliances require SMB1 to operate in a Windows AD environment.  Well???




That would be false.

Data ONTAP 7-mode has had SMB2 available to it since SMB 2.0 was introduced.   When the OS talks with Domain Controllers for authentication, SMB1 was recommended for the longest time, but several years ago, that recommendation was lifted due to some enhancements in the SMB2 protocol.

Clustered ONTAP has had SMB2 available since inception and has had support for SMB3 since it's inception.  At some point, there still was a dependency on SMB1 for Domain Controller authentication traffic and some other features, but that has since been eliminated.  Those version are 8.3.2P5, 9.0P1 and 9.1 and above.

Starting in ONTAP 9.2, you can actually turn off SMB1 completely with the following 2 commands:

vserver cifs security modify -vserver svm1 -smb1-enabled-for-dc-connections false

vserver cifs options modify -vserver svm1 -smb1-enabled false

DONE!
Image result for drop the mic done



No comments:

Post a Comment