Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CIFS, not showing security properties

When attempting to view the security properties of a remote share we get an error message that says, "Unable to display security information".  This happens when bringing up a remote server via UNC path, right clicking on a share or folder, and selecting the security tab.  This only happens when viewing them through an optimized connection.  If the domain admin remotes directly to that server, or another server at the same location, they are able to browse the properties fine.

We're using 4.1.3 and have disabled legacy WAFS services.  All of our CIFS traffic is going through the CIFS accelerator.  Couple of questions:

-Isn't the CIFS accelerator supposed to be transparent and pass this information along?

-Do the WAE's still need to be joined to the domain?  I though this was a legacy WAFS function

-I did packet captures on both ends of the connection (and on the WAE) but didn't see anything obvious in the way of errors, any specific thing I can look for?

Thanks!

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: CIFS, not showing security properties

In the failed trace, note that the NT Security Descriptor Length in frame 392 is 0, whereas in the working trace it is >0.  This looks like bug CSCtg28040, which is fixed in the WAAS 4.1.5f release.  Can you confirm that you have installed Microsoft patch MS10-020 (KB980232)?

Thanks again for the traces.

Regards,

Zach

6 REPLIES
Cisco Employee

Re: CIFS, not showing security properties

There is metadata caching that occurs which may be the issue.  What type of server/OS is the remote share being hosted on?  Can you provide packet captures with and without WAAS?

Thanks,

Zach

PS - There is no longer a need to have the WAEs join the Windows domain.

New Member

Re: CIFS, not showing security properties

All of the servers are Win2k3 standard.  "hqmon1-pass" is a local server and "laprint01-fail" is the remote server.  I pulled up the security tab at packet 277 on the passed attempt and 370 on the failed one.

The difference seems to be that the client (10.101.132.80) doesn't perform a lsa_openpolicy request to the target server.

Cisco Employee

Re: CIFS, not showing security properties

Thanks.

Where were the packet captures taken?

Zach

New Member

Re: CIFS, not showing security properties

From the client machine. 

Cisco Employee

Re: CIFS, not showing security properties

In the failed trace, note that the NT Security Descriptor Length in frame 392 is 0, whereas in the working trace it is >0.  This looks like bug CSCtg28040, which is fixed in the WAAS 4.1.5f release.  Can you confirm that you have installed Microsoft patch MS10-020 (KB980232)?

Thanks again for the traces.

Regards,

Zach

New Member

Re: CIFS, not showing security properties

Ahh, good find.  Thanks for your help.  The upgrade fixed the issue.

Thanks again!

1102
Views
0
Helpful
6
Replies