I needed our SFTP to authenticate through Active Directory, so we needed to have CIFS licensed on the NetApp. This is not necessary for using SFTP but does make user accounts easier to set up and manage.
- If CIFS is not already set up on the NetApp, log in to the console and run cifs setup. Connect the filer to the current Active Directory. During the configuration, do not change the authentication to NTFS only.
- Set the following:
options sftp.enable on
options sftp.auth_style mixed
options sftp.bypass_traverse_checking on
options sftp.dir_restriction on
options sftp.locking delete
options sftp.log_enable on
options sftp.max_connections 15 (depends on the number of users you plan on)
- Check to see if the CIFS home directory has been set up: rdfile /etc/cifs_homedir.cfg
Typically the CIFS setup will create a HOME share on the filer, but I found that it doesn't always set up the cifs_homedir value. The cifs_homedir.cfg needs to contain the path to the volume that the CIFS HOME share is set to.
Example: wrfile -a /etc/cifs_homedir.cfg /vol/vol0/home
- After updating the cifs_homedir.cfg, run the home directory update command:
cifs homedir load
- From the Active Directory server, create a new user. For its home directory path, put in the UNC path to the filer's home directory:
- Now from an SFTP client, connect to the filer. The username needs to be entered in this format:
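Separately from the login step, an added check that is not part of the original post: this script compares saved `options sftp` output from the filer with the values set in the steps above and reports any option that is missing or has drifted. It assumes the output is one "name value" pair per line; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Values from the steps above. sftp.max_connections is site-specific,
# so it is only checked for being a positive integer.
EXPECTED='sftp.enable=on sftp.auth_style=mixed sftp.bypass_traverse_checking=on sftp.dir_restriction=on sftp.locking=delete sftp.log_enable=on'

# Reads "name value" lines on stdin (assumed layout of `options sftp` output).
# Prints one line per finding; returns 0 when clean, 1 on any finding.
check_sftp_options() {
    awk -v expected="$EXPECTED" '
        BEGIN {
            n = split(expected, rows, " ")
            for (i = 1; i <= n; i++) {
                split(rows[i], kv, "=")
                order[i] = kv[1]
                want[kv[1]] = kv[2]
            }
        }
        $1 ~ /^sftp\./ { have[$1] = $2 }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in have)) {
                    print "MISSING " k; bad = 1
                } else if (have[k] != want[k]) {
                    print "DRIFT " k " is " have[k] ", expected " want[k]; bad = 1
                }
            }
            m = have["sftp.max_connections"]
            if (m !~ /^[0-9]+$/ || m + 0 < 1) {
                print "CHECK sftp.max_connections"; bad = 1
            }
            exit bad
        }'
}

# Constructed sample: dir_restriction was turned off, log_enable is absent.
sample_output() {
    cat <<'EOF'
sftp.auth_style              mixed
sftp.bypass_traverse_checking on
sftp.dir_restriction         off
sftp.enable                  on
sftp.locking                 delete
sftp.max_connections         15
EOF
}
```

Run it as `check_sftp_options < saved_output.txt`; a non-zero exit status means at least one option differs from the steps above.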