Displaying information about CIFS server security settings
You can display information about CIFS server security settings on your storage virtual machines (SVMs). You can use this information to verify that the security settings are correct.
About this task
A displayed security setting can be the default value for that object or a non-default value that is configured either by using the ONTAP CLI or by using Active Directory group policy objects (GPOs).
Note
You must not use the vserver cifs security show command for the CIFS server in workgroup mode because some of the options are not valid.
Perform one of the following actions:
| If you want display information about... | Enter the command... |
|---|---|
| All security settings on a specified SVM | vserver cifs security show -vserver vserver_name |
| A specific security setting or settings on the SVM | vserver cifs security show -vserver vserver_name -fields [fieldname,...] You can enter -fields ? to determine what fields you can use. |
The following example shows all security settings for SVM vs1:
cluster1::> vserver cifs security show -vserver vs1
Vserver: vs1
Kerberos Clock Skew: 5 minutes
Kerberos Ticket Age: 10 hours
Kerberos Renewal Age: 7 days
Kerberos KDC Timeout: 3 seconds
Is Signing Required: false
Is Password Complexity Required: true
Use start_tls For AD LDAP connection: false
Is AES Encryption Enabled: false
LM Compatibility Level: lm-ntlm-ntlmv2-krb
Is SMB Encryption Required: false
The following example shows the Kerberos clock skew for SVM vs1:
cluster1::> vserver cifs security show -vserver vs1 -fields kerberos-clock-skew
vserver kerberos-clock-skew
------- -------------------
vs1 5
Give documentation feedback