跳转到主内容

Active Directory 上的第三方防火墙正在阻止端口 389 和 445

Views:
5
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs<a>2008955505</a><a>防火墙 AD</a><a>操作超时</a>
Last Updated:

适用场景

  • ONTAP 9
  • SMB/CIFS

问题描述

  • 在尝试访问 Active Directory ( AD )时, AD 会在尝试连接到端口 389 或 445 时关闭连接。
  • 可以通过 tcpdump 查看此信息:
clipboard_e1f3334ad1e0cce0a176f81190292165a.png
 
  • 我们还可以在 secd/ems 日志中看到此信息:

[Cluster01-01: secd: secd.cifsAuth.problem:error]: vserver (SVM1) General CIFS authentication problem. Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.1.1.2

[ 0 ms] Login attempt by domain user 'NetApp\bob' using NTLMv2 style security

[ 0] Using a cached connection to DC1.NetApp.com

[ 26] Authentication failed with DC DC1. Not retriable. (Status: 0xc0000064)

[ 27] Unable to find the NetBIOS domain name for Active Directory '.' **

[ 27] FAILURE: CIFS authentication failed

[ 2125] TCP connection to ip 10.10.10.10, port 389 via interface 10.10.10.2 failed: Operation timed out.

[ 4159] Unable to connect to LDAP (Active Directory) service on DC2.NetApp.com (Error: Can't contact LDAP server

 

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support