Kerberos support is enabled by default on storage systems when CIFS
is licensed and configured for Windows domain authentication.
Kerberos support for Windows clients requires all of the
following:
- A Windows 2000 or greater client that is a member of a domain
- Kerberos selected in the client's Authentication Methods list
- A functioning Key Distribution Center (KDC) on an accessible
domain controller
Note: A storage system cannot authenticate a client by using the Kerberos
key-exchange mechanism unless the storage system has enough space in its
root volume to store the client's security credentials. If Kerberos
support is enabled, the system administrator must ensure that the
storage system has at least four kilobytes of free space in its
root volume at all times.