Hi,
I would advise checking there is an AD group policy that sets the SMB signing client configuration in combination with setting the a default authentication security level for you CIFS vserver. You would need to determine the correct configuration for your environment that enables all clients to connect based on the operating systems you are using. Some links to the docs:
Also if you are accessing the CIFS vserver via a DNS CName alias ensure you have set an SPN on the AD computer object to ensure clients are able to authenticate via Kerberos rather than reverting to NTLM.
/Matt