Hello John,
I think there is a special GPO that could be enabled see
https://support.microsoft.com/en-us/topic/how-to-manage-the-changes-in-netlogon-secure-channel-connections-associated-with-cve-2020-1472-f7e8cc17-0309-1d6a-304e-5ba73cd1a11e#bkmk_thegrouppolicy
in a separate OU where you could move your older Netapp clusters to
"bypass" the requirements
Hope it helps
Rgds
Eric Leonard
On Sat, Jul 8, 2023 at 11:02?AM John Stoffel <john@stoffel.org> wrote:
>
>
> Guys,
> Is anyone else running into this problem with the latest MS patches
> breaking CIFS, especially on older OnTap versions and systems?
>
> I can download various older releases, and I could even upgrade an old
> FAS8060 to a release which supposedly is fixed for this ... but the
> systems are out of support, but of course in production.
>
> Anyone talk with Netapp about a one time support fee to bring some
> legacy systems up to snuff? Of course this seems to also just affect
> those people using older Domain Controllers with NTLMv1 and NTLMv2
> still enabled and in use.
>
> For those of you who haven't seen this, I've attached it here. Looks
> like a total cluster f*ck too... since there's so little time to
> address this issue.
>
> _______________________________________________
> Toasters mailing list
> Toasters@teaparty.net
> https://www.teaparty.net/mailman/listinfo/toasters
I think there is a special GPO that could be enabled see
https://support.microsoft.com/en-us/topic/how-to-manage-the-changes-in-netlogon-secure-channel-connections-associated-with-cve-2020-1472-f7e8cc17-0309-1d6a-304e-5ba73cd1a11e#bkmk_thegrouppolicy
in a separate OU where you could move your older Netapp clusters to
"bypass" the requirements
Hope it helps
Rgds
Eric Leonard
On Sat, Jul 8, 2023 at 11:02?AM John Stoffel <john@stoffel.org> wrote:
>
>
> Guys,
> Is anyone else running into this problem with the latest MS patches
> breaking CIFS, especially on older OnTap versions and systems?
>
> I can download various older releases, and I could even upgrade an old
> FAS8060 to a release which supposedly is fixed for this ... but the
> systems are out of support, but of course in production.
>
> Anyone talk with Netapp about a one time support fee to bring some
> legacy systems up to snuff? Of course this seems to also just affect
> those people using older Domain Controllers with NTLMv1 and NTLMv2
> still enabled and in use.
>
> For those of you who haven't seen this, I've attached it here. Looks
> like a total cluster f*ck too... since there's so little time to
> address this issue.
>
> _______________________________________________
> Toasters mailing list
> Toasters@teaparty.net
> https://www.teaparty.net/mailman/listinfo/toasters