Determining whether clients are connected using encrypted SMB sessions
You can display information about connected SMB sessions to determine whether clients are using encrypted SMB connections. This can be helpful in determining whether SMB client sessions are connecting with the desired security settings.
About this task
SMB clients sessions can have one of three encryption levels:
| Encription level | Description |
|---|---|
| unencrypted | The SMB session is not encrypted. Neither storage virtual machine (SVM)-level or share-level encryption is configured. |
| partially-encrypted | Encryption is initiated when the tree-connect occurs. Share-level encryption is configured. SVM-level encryption is not enabled. |
| encrypted | The SMB session is fully encrypted. SVM-level encryption is enabled. Share level encryption might or might not be enabled. The SVM-level encryption setting supersedes the share-level encryption setting. |
Perform one of the following actions:
| If you want display information about... | Enter the command... |
|---|---|
| Sessions with a specified encryption setting for sessions on a specified SVM | vserver cifs session show -vserver vserver_name {unencrypted|partially-encrypted|encrypted} -instance |
| The encryption setting for a specific session ID on a specified SVM | vserver cifs session show -vserver vserver_name -session-id integer -instance |
Examples
The following command displays detailed session information, including the encryption setting, on an SMB session with a session ID of 2:
cluster1::> vserver cifs session show -vserver vs1 -session-id 2 -instance
Node: node1
Vserver: vs1
Session ID: 2
Connection ID: 3151274158
Incoming Data LIF IP Address: 10.2.1.1
Workstation: 10.1.1.2
Authentication Mechanism: Kerberos
Windows User: DOMAIN\joe
UNIX User: pcuser
Open Shares: 1
Open Files: 1
Open Other: 0
Connected Time: 10m 43s
Idle Time: 1m 19s
Protocol Version: SMB3
Continuously Available: No
Is Session Signed: true
User Authenticated as: domain-user
NetBIOS Name: CIFS_ALIAS1
SMB Encryption Status: Unencrypted
Give documentation feedback