Sun Microsystems, Inc.  Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-72-1389870.1
Update Date:2012-08-27
Keywords:

Solution Type  Problem Resolution Sure

Solution  1389870.1 :   Pillar Axiom: Windows 2008 DC Changes to Support NTLM Requests from the Axiom NAS  


Related Items
  • Pillar Axiom 500 Storage System
  •  
  • Pillar Axiom 300 Storage System
  •  
  • Pillar Axiom 600 Storage System
  •  
Related Categories
  • PLA-Support>Sun Systems>DISK>Pillar Axiom>SN-DK: Ax600
  •  
  • .Old GCS Categories>Sun Microsystems>Storage - Disk>Pillar Axiom
  •  




In this Document
Symptoms
Changes
Cause
Solution


Applies to:

Pillar Axiom 600 Storage System - Version Not Applicable to Not Applicable [Release N/A]
Pillar Axiom 500 Storage System - Version Not Applicable and later
Pillar Axiom 300 Storage System - Version Not Applicable and later
Information in this document applies to any platform.

Symptoms

Windows 2008 DC changes to support NTLM requests from the Axiom NAS CIFS server.

Changes

As of AxiomONE Storage Manager release 3.3.x and below,  NTLM v2 is unsupported.  Support for this has been added in AxiomONE Storage Manager 4.2.x and above.

Cause

As a result, customers who are running Windows 2008 domain controllers will find that NTLM requests will fail.

Solution

The workaround for this issue is as follows:

1)     Disable NTLMv2:

For your Windows 2008 DC, please open "Domain Security Policy" in Administrative Tools of Start menu. Click on Security Settings > "Local Policies" > "Security Options". Scroll down to "Network Security: LAN Manager authentication level" and open it, right click and select properties. By default the Windows 2008 sets the policy to "NTLMv2 responses only". Change this to "send LM and NTLM - use NTLMv2 session security if negotiated".

(2)     Disable Strong Session Key:

For your Windows 2008 DC, please open "Domain Security Policy" in Administrative Tools of Start menu. Click on Security Settings > "Local Policies" > "Security Options". Scroll down to "Domain member: Require strong (Windows 2000 or later) session key" and open it, right click and select properties. By default the Windows 2008 sets the policy to "Enabled". Change this to "Disabled".


Attachments
This solution has no attachment
  Copyright © 2012 Sun Microsystems, Inc.  All rights reserved.
 Feedback