CIFS authentication on FAS2050 and LDAP authoriztion doubt process

CIFS authentication on FAS2050 and LDAP authoriztion doubt process

Post by udomsa » Mon, 07 Apr 2008 18:09:11


I'm newbie in OnTAPdata ( FAS 2050 ) environment , now I have confuse
about configuration and authentication method that use in this.

So my requirement is

Windows client access to CIFS on filer ( FAS2050 ) and filer query
OpenLDAP for authorization information.

Can i do this without ActiveDirectory ? , i seen some document
( "integration of a NetApp Storage System with a Unix Based LDAP
server" ) does not require any AD. but in many of documents guide
they said If i want to use CIFS disk context i'm need AD to
complete this , anyone who can suggest this ?



thank you

( sorry for my bad english )
 
 
 

CIFS authentication on FAS2050 and LDAP authoriztion doubt process

Post by Faeanda » Wed, 09 Apr 2008 10:23:37

On Sun, 6 Apr 2008 02:09:11 -0700 (PDT), udomsak



CIFS means Windows and Windows means AD, or at the very least Samba.
So whatever mechanism you use to validate/authenticate Windows users
is needed for Ontap as well.

Ontap can utilize the following authentication mechanisms in
conjunction; NIS, files, LDAP, and AD.

So determine what you use for Windows users and setup the same
authentication on the filer.

Does that help?

~F

 
 
 

CIFS authentication on FAS2050 and LDAP authoriztion doubt process

Post by udomsa » Thu, 10 Apr 2008 17:00:16


exactly , we implement new system with OpenLDAP for keeping user disk-
profile as userLoginId,Password,GroupidNumber, etc.
and place Ontap in middle as below

[ client ] ------> FAS2050 ---> [ OpenLDAP ]

auth (req disk ) ---> FAS2050 --> (verify and authorization)


In otherhand we need to config filer as CIFS to support Windows
client ( it's possible ? ) , I saw in configuration wizard that say
about support authentication type such as WorkGroup , NTLM (Domain
system ? ) . So but as i read document above they do not require
AD for complete this action ( it's true? ) , so just edit 'nsswitch'
file to support this operation config that enough , that make me
confuse about
authentication method in filer

Also, an engineer who setting new filer they say Ontap support only
'Plain text password and Crypt password type ' to communicate with
it's true ?


So , now i have new solution config SAMBA PDC + OpenLDAP to solving ,
It's possible if i don't want SAMBA PDC to support CIFS authen ?

thank you for your advance :-)