是否可以在创建 CIFS 服务器之前在 SVM 上配置 AES

最后更新
另存为PDF

Views:: 31

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

适用于

ONTAP 9
CIFS/SMB
高级加密标准 (AES)

问题解答

是的，您可以在 vserver 上创建 CIFS 服务器之前修改安全选项

注意：这将在创建多个 CIFS 服务器时节省时间。如果先创建 CIFS 服务器，然后启用 AES 加密，则需要再次输入凭据

示例：

cluster1::> cifs show -vserver <vserver_name>
 There are no entries matching your query

cluster1::> cifs security modify  -vserver <vserver_name> -is-aes-encryption-enabled true
 cluster1::> cifs security show -vserver <vserver_name>
 
 Vserver: <vserver_name>
 
             Kerberos Clock Skew:                            - minutes
             Kerberos Ticket Age:                            - hours
             Kerberos Renewal Age:                           - days
             Kerberos KDC Timeout:                           - seconds
             Is Signing Required:                            -
             Is Password Complexity Required:                -
             Use start_tls for AD LDAP connection:           false
             Is AES Encryption Enabled:                      true
             LM Compatibility Level:                        lm-ntlm-ntlmv2-krb
             Is SMB Encryption Required:                    -
             Client Session Security:                        none
             SMB1 Enabled for DC Connections:                false
             SMB2 Enabled for DC Connections:                system-default
             LDAP Referral Enabled For AD LDAP connections:   false
             Use LDAPS for AD LDAP connection:               false
             Encryption is required for DC Connections:       false
           AES session key enabled for NetLogon channel:    false
             Try Channel Binding For AD LDAP Connections:     true

适用于

问题解答

追加信息