Problem: Access to netapp shares not possible

Problem:

In order to create an Active Directory machine account for the CIFS server, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=server,CN=computers,OU=my,DC=schein,DC=ig" container within the "SCHEIN.IG" domain.

https://kb.netapp.com/app/answers/answer_view/a_id/1006780/~/troubleshooting-workflow%3A-cifs-authentication-failures

Investigation:

Check
ucr get samba/max/protocol
This must not be set on nt1

You can open the share via
net use K: \ucs-master\SYSVOL /USER:Charly@SCHEIN.IG

Solution

You could set secure_channel to auto in the smb.conf (or rather in /etc/samba/local.conf), but this is absolutely not recommended, because that makes your Samba/AD DC vulnerable to the Zerologon security vulnerability! (See Status of Zerologon (CVE-2020-1472) security issue in UCS).

Mastodon