Determining whether SMB sessions are signed
You can display information about connected SMB sessions on the CIFS server. You can use this information to determine whether SMB sessions are signed. This can be helpful in determining whether SMB client sessions are connecting with the desired security settings.
Perform one of the following actions:
| If you want display information about... | Enter the command... |
|---|---|
| All signed sessions on a specified storage virtual machine (SVM) | vserver cifs session show -vserver vserver_name -is-session-signed true |
| Details for a signed session with a specific session ID on the SVM | vserver cifs session show -vserver vserver_name -session-id integer -instance |
Examples
The following command displays session information about signed sessions on SVM vs1. The default summary output does not display the Is Session Signed
output field:
cluster1::> vserver cifs session show -vserver vs1 -is-session-signed true
Node: node1
Vserver: vs1
Connection Session Open Idle
ID ID Workstation Windows User Files Time
---------- ------- ---------------- ------------- ------- ------------
3151272279 1 10.1.1.1 DOMAIN\joe 2 23s
The following command displays detailed session information, including whether the session is signed, on an SMB session with a session ID of 2:
cluster1::> vserver cifs session show -vserver vs1 -session-id 2 -instance
Node: node1
Vserver: vs1
Session ID: 2
Connection ID: 3151274158
Incoming Data LIF IP Address: 10.2.1.1
Workstation: 10.1.1.2
Authentication Mechanism: Kerberos
Windows User: DOMAIN\joe
UNIX User: pcuser
Open Shares: 1
Open Files: 1
Open Other: 0
Connected Time: 10m 43s
Idle Time: 1m 19s
Protocol Version: SMB3
Continuously Available: No
Is Session Signed: true
User Authenticated as: domain-user
NetBIOS Name: CIFS_ALIAS1
SMB Encryption Status: Unencrypted
Give documentation feedback