由于 netlogon 响应缓慢导致 NT 错误 (0x103) 的 CIFS 身份验证问题

最后更新
另存为PDF

Views:: 95

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

适用于

ONTAP 9
CIFS
Active Directory
ntlm

问题描述

CIFS 服务器尝试与域用户进行身份验证，并从域控制器 (DC) 服务器接收 STATUS_PENDING (NT 错误 0x103)
ONTAP 在超时 3 秒后关闭 TCP 会话
DC 服务器在超时后使用 Netlogon 数据响应 Vserver
EMS Log：

[?] Mon Feb 07 14:57:34 +0100 [<node_name>: secd: secd.cifsAuth.problem:error]: vserver (<Vserver_Name>) General CIFS authentication problem. Error: Ontap admin cifs authentication basic procedure failed (Retries: 2) **[ 3263] Attempt 1 FAILURE: Unexpected state: Error 6776 at file:src/FrameWork/Socket.cpp func:ReceiveDataOnSocket line:1233 **[ 3263] Attempt 1 FAILURE: Pass-through authentication request failed.

Secd.log：

Mon May 16 2022 15:30:49 +02:00 Successfully authenticated with DC dc1.domain.local { in connectToDomainController() at src/connection_manager/secd_connection.cpp:302 }
 Mon May 16 2022 14:30:52 +02:00 Error!!! Call timeout after 3 seconds aborting with 1 commands pending  { in ReceiveDataOnSocket() at src/FrameWork/Socket.cpp:1231 }

Netlogon.log：

05/16 15:30:49 [LOGON] Domain: SamLogon: Network logon of domain\usr01 from \\Computer01 (via CIFS1) Entered
05/16 15:30:56 [LOGON] Domain: SamLogon: Network logon of domain\usr01 from \\Computer01 (via CIFS1) Returns 0x0 <-- 7秒