Welcome Bkamil,
Windows domain users reside in Active Directory and Kerberos is the default authentication protocol used by Active Directory for authenticating a user.
Also Kerberos is the most secure way of authenticating an user.
CIFS clients who connect to NetApp are authenticated via Kerberos or NTLM in Cluster Data ONTAP.
More details on the authentication can be found below :
How ONTAP handles SMB client authentication
http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-nfs%2FGUID-AA67607D-30F8-484C-A8D3-F0CA842465BB.html
How ONTAP handles NFS client authentication
http://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-nfs%2FGUID-AA67607D-30F8-484C-A8D3-F0CA842465BB.html
In an NFS context, authentication is done by the client not the server.
CIFS authentication is the server’s responsibility.
In multi-protocol environment, CIFS users can access UNIX and NTFS security style volume and also NFS users can access UNIX and NTFS security style volumes. This can be accomplished with the help of name-mapping and configuring the directory store for the Unix users.
Could you let me know if the CIFS users you are referring to, are they Windows domain users ?
I still don't understand the requirement of using openLDAP to authenticate CIFS users as the domain users reside in AD and not in openLDAP.
