#Microsoft CVE-2022-38023 and NTLMv2

We've upgraded our AFF-A220 to 9.13.1 as per https://kb.netapp.com/Support_Bulletins/Customer_Bulletins/SU530

and should be all good to go for next Tuesday's closing of the door on NTLMv2 authentication.

However,

scrb::> vserver cifs session show -vserver sdata -fields auth-mechanism,address,windows-user
node vserver session-id connection-id address auth-mechanism windows-user

scrb-a sdata 12223613813613660030 4271015427 10.6.154.156 NTLMv2 FHC\rgrasdue

still shows all of our CIFS connections using NTLMv2 to authenticate (one line is shown of hundreds of connections)

Are we ready for next week's update? Will the auth-mechanism change after we patch our DCs? Or will all our CIFS connections break?

You are fine, nothing will break.

The fix from ONTAP does not change the authentication mechanism used by your CIFS clients. It will only make sure that NTLM will continue to work after you patched your MS DCs after July 11th.