是否可以在创建CIFS服务器之前在SVM上配置AES

最后更新
另存为PDF

Views:: 3

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

适用场景

ONTAP 9
CIFS\ SMB
高级加密标准(Advanced Encyp象限)(AES)

问题解答

可以、您可以在 Vserver上创建CIFS服务器之前修改安全选项

注意： 这将节省创建多个CIFS服务器的时间。如果先创建CIFS服务器、然后启用AES加密、则需要重新输入凭据

示例：

cluster1::> cifs show -vserver <vserver_name>
 There are no entries matching your query

cluster1::> cifs security modify  -vserver <vserver_name> -is-aes-encryption-enabled true
 cluster1::> cifs security show -vserver <vserver_name>
 
 Vserver: <vserver_name>
 
             Kerberos Clock Skew:                            - minutes
             Kerberos Ticket Age:                            - hours
             Kerberos Renewal Age:                           - days
             Kerberos KDC Timeout:                           - seconds
             Is Signing Required:                            -
             Is Password Complexity Required:                -
             Use start_tls for AD LDAP connection:           false
             Is AES Encryption Enabled:                      true
             LM Compatibility Level:                        lm-ntlm-ntlmv2-krb
             Is SMB Encryption Required:                    -
             Client Session Security:                        none
             SMB1 Enabled for DC Connections:                false
             SMB2 Enabled for DC Connections:                system-default
             LDAP Referral Enabled For AD LDAP connections:   false
             Use LDAPS for AD LDAP connection:               false
             Encryption is required for DC Connections:       false
           AES session key enabled for NetLogon channel:    false
             Try Channel Binding For AD LDAP Connections:     true

适用场景

问题解答

追加信息