Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1799
Views
0
Helpful
6
Replies

CIFS, not showing security properties

Go to solution
bakinbits
Level 1
Level 1

‎05-19-2010 10:31 AM

When attempting to view the security properties of a remote share we get an error message that says, "Unable to display security information".  This happens when bringing up a remote server via UNC path, right clicking on a share or folder, and selecting the security tab.  This only happens when viewing them through an optimized connection.  If the domain admin remotes directly to that server, or another server at the same location, they are able to browse the properties fine.

We're using 4.1.3 and have disabled legacy WAFS services.  All of our CIFS traffic is going through the CIFS accelerator.  Couple of questions:

-Isn't the CIFS accelerator supposed to be transparent and pass this information along?

-Do the WAE's still need to be joined to the domain?  I though this was a legacy WAFS function

-I did packet captures on both ends of the connection (and on the WAE) but didn't see anything obvious in the way of errors, any specific thing I can look for?

Thanks!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Zach Seils
Level 7
Level 7
In response to bakinbits

‎05-20-2010 06:43 AM

In the failed trace, note that the NT Security Descriptor Length in frame 392 is 0, whereas in the working trace it is >0.  This looks like bug CSCtg28040, which is fixed in the WAAS 4.1.5f release.  Can you confirm that you have installed Microsoft patch MS10-020 (KB980232)?

Thanks again for the traces.

Regards,

Zach

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Zach Seils
Level 7
Level 7

‎05-19-2010 11:38 AM

There is metadata caching that occurs which may be the issue.  What type of server/OS is the remote share being hosted on?  Can you provide packet captures with and without WAAS?

Thanks,

Zach

PS - There is no longer a need to have the WAEs join the Windows domain.

0 Helpful

Go to solution
bakinbits
Level 1
Level 1
In response to Zach Seils

‎05-19-2010 12:26 PM

All of the servers are Win2k3 standard.  "hqmon1-pass" is a local server and "laprint01-fail" is the remote server.  I pulled up the security tab at packet 277 on the passed attempt and 370 on the failed one.

The difference seems to be that the client (10.101.132.80) doesn't perform a lsa_openpolicy request to the target server.

64792-hqmon1-pass.pcap.zip
0 Helpful

Go to solution
Zach Seils
Level 7
Level 7
In response to bakinbits

‎05-19-2010 01:20 PM

Thanks.

Where were the packet captures taken?

Zach

0 Helpful

Go to solution
bakinbits
Level 1
Level 1
In response to Zach Seils

‎05-19-2010 01:22 PM

From the client machine. 

0 Helpful

Go to solution
Zach Seils
Level 7
Level 7
In response to bakinbits

‎05-20-2010 06:43 AM

In the failed trace, note that the NT Security Descriptor Length in frame 392 is 0, whereas in the working trace it is >0.  This looks like bug CSCtg28040, which is fixed in the WAAS 4.1.5f release.  Can you confirm that you have installed Microsoft patch MS10-020 (KB980232)?

Thanks again for the traces.

Regards,

Zach

0 Helpful

Go to solution
bakinbits
Level 1
Level 1
In response to Zach Seils

‎05-20-2010 01:03 PM

Ahh, good find.  Thanks for your help.  The upgrade fixed the issue.

Thanks again!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents