... | ... | @@ -422,6 +422,17 @@ SMB encryption will be enabled/disabled and a confirmation message will appear o |
|
|
|
|
|
<kbd><img src="uploads/7cca996d50213703cd7e9e8ce0f31deb/image054.png"></kbd>
|
|
|
|
|
|
## Enable Kerberos authentication for CIFS shares
|
|
|
In order to access your shares with Kerberos authentication, you have to add the CIFS service principal name in the `servicePrincipalName` field of the CIFS server machine account created in your AD.
|
|
|
|
|
|
The CIFS service principal name would usually have the format `cifs/<DNS Name of your CIFS network interface>`. For instance, for the CIFS interface `ifs-prod-381-cifs.ifs.uis.private.cam.ac.uk`, the CIFS principal name would be `cifs/ifs-prod-381-cifs.ifs.uis.private.cam.ac.uk`.
|
|
|
|
|
|
The `servicePrincipalName` would eventually look like the following:
|
|
|
|
|
|
<kbd><img src="uploads/2e0c8b7b5339639b6fc9d2ff093e69b1/cifs-spn.PNG"></kbd>
|
|
|
|
|
|
If you are using `BLUE` AD, please contact us to update your CIFS account machine.
|
|
|
|
|
|
## NFSv4 / Kerberos Client configuration
|
|
|
|
|
|
Once you set up an NFS share through the SSGW portal, you need to configure your client to be able to mount and access the share using Kerberos authentication.
|
... | ... | |