Module netapp_ontap.models.cifs_service_security
Copyright © 2019 NetApp Inc. All rights reserved.
Classes
class CifsServiceSecuritySchema (only=None, exclude=(), many=False, context=None, load_only=(), dump_only=(), partial=False, unknown=None)
-
The fields of the CifsServiceSecurity object
Ancestors
- netapp_ontap.resource.ResourceSchema
- marshmallow.schema.Schema
- marshmallow.schema.BaseSchema
- marshmallow.base.SchemaABC
Class variables
var kdc_encryption
-
Specifies whether AES-128 and AES-256 encryption is enabled for all Kerberos-based communication with the Active Directory KDC. To take advantage of the strongest security with Kerberos-based communication, AES-256 and AES-128 encryption can be enabled on the CIFS server. Kerberos-related communication for CIFS is used during CIFS server creation on the SVM, as well as during the SMB session setup phase. The CIFS server supports the following encryption types for Kerberos communication:
* RC4-HMAC * DES * AES
When the CIFS server is created, the domain controller creates a computer machine account in Active Directory. After a newly created machine account authenticates, the KDC and the CIFS server negotiates encryption types. At this time, the KDC becomes aware of the encryption capabilities of the particular machine account and uses those capabilities in subsequent communication with the CIFS server. In addition to negotiating encryption types during CIFS server creation, the encryption types are renegotiated when a machine account password is reset.
var opts
var restrict_anonymous
-
Specifies what level of access an anonymous user is granted. An anonymous user (also known as a "null user") can list or enumerate certain types of system information from Windows hosts on the network, including user names and details, account policies, and share names. Access for the anonymous user can be controlled by specifying one of three access restriction settings. The available values are:
- no_restriction - No access restriction for an anonymous user.
- no_enumeration - Enumeration is restricted for an anonymous user.
- no_access - All access is restricted for an anonymous user.
Valid choices:
- no_restriction
- no_enumeration
- no_access
var smb_encryption
-
Specifies whether encryption is required for incoming CIFS traffic.
var smb_signing
-
Specifies whether signing is required for incoming CIFS traffic. SMB signing helps to ensure that network traffic between the CIFS server and the client is not compromised.
Instance variables
var patchable_fields
-
Only fields in this list will be considered when patching a resource
var postable_fields
-
Only fields in this list will be considered when posting a resource