SMB concepts

Clients can access files on Storage Virtual Machines (SVMs) using the SMB protocol, provided that Data ONTAP can properly authenticate the user.

When an SMB client connects to a CIFS server, Data ONTAP authenticates the user with a Windows domain controller. Data ONTAP uses two methods to obtain the domain controllers to use for authentication:

Next, Data ONTAP must obtain UNIX credentials for the user. It does this by using mapping rules on the SVM or by using a default UNIX user instead. For SVMs, you can specify which mapping services to use, local files or LDAP, and the order in which mapping services are searched. Additionally, you can specify the default UNIX user.

Data ONTAP then checks different name services for UNIX credentials for the user, depending on the name services configuration of the SVM. The options are local UNIX accounts, NIS domains, and LDAP domains. You must configure at least one of them so that Data ONTAP can successfully authorize the user. You can specify multiple name services and the order in which they are searched.