Determine whether ONTAP SMB sessions are signed
Suggest changes
PDFs
You can display information about connected SMB sessions on the CIFS server. You can use this information to determine whether SMB sessions are signed. This can be helpful in determining whether SMB client sessions are connecting with the desired security settings.
-
Perform one of the following actions:
If you want display information about… Enter the command… All signed sessions on a specified storage virtual machine (SVM)
vserver cifs session show -vserver vserver_name -is-session-signed trueDetails for a signed session with a specific session ID on the SVM
vserver cifs session show -vserver vserver_name -session-id integer -instance
The following command displays session information about signed sessions on SVM vs1. The default summary output does not display the “Is Session Signed” output field:
cluster1::> vserver cifs session show -vserver vs1 -is-session-signed true Node: node1 Vserver: vs1 Connection Session Open Idle ID ID Workstation Windows User Files Time ---------- ------- ---------------- ------------- ------- ------------ 3151272279 1 10.1.1.1 DOMAIN\joe 2 23s
The following command displays detailed session information, including whether the session is signed, on an SMB session with a session ID of 2:
cluster1::> vserver cifs session show -vserver vs1 -session-id 2 -instance
Node: node1
Vserver: vs1
Session ID: 2
Connection ID: 3151274158
Incoming Data LIF IP Address: 10.2.1.1
Workstation: 10.1.1.2
Authentication Mechanism: Kerberos
Windows User: DOMAIN\joe
UNIX User: pcuser
Open Shares: 1
Open Files: 1
Open Other: 0
Connected Time: 10m 43s
Idle Time: 1m 19s
Protocol Version: SMB3
Continuously Available: No
Is Session Signed: true
User Authenticated as: domain-user
NetBIOS Name: CIFS_ALIAS1
SMB Encryption Status: Unencrypted