DC 连接失败,并出现错误 "krb5kdc_ERR_C_principal _unknown" ,从而导致 CIFS 问题
- Views:
- 91
- Visibility:
- Public
- Votes:
- 0
- Category:
- ontap-9
- Specialty:
- nas<a>CIFS</a><a>Kerberos</a>
- Last Updated:
适用场景
- ONTAP 9
- Kerberos
- CIFS
问题描述
- 用户无权访问CIFS共享
- 日志显示使用计算机帐户连接到域控制器失败并显示错误
KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN
:
8/18/2022 09:15:58 cluster-01
ERROR secd.cifsAuth.problem: vserver (svm_cifs) General CIFS authentication problem. Error: User authentication procedure failed
CIFS SMB2 Share mapping - Client Ip = 192.168.1.1
[ 0 ms] Login attempt by domain user 'netapp\cifs' using NTLMv1 style security
[ 0] Successfully connected to ip 192.168.0.1, port 445 using TCP
[ 8] Unknown user (KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN)
[ 8] Failed to initiate Kerberos authentication. Trying NTLM.
[ 9] Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
[ 10] Encountered NT error (NT_STATUS_AUTH_LOGON_FAILURE) for SMB command SessionSetup
[ 10] Unable to connect to NetLogon service on dcsvr.tekunasas.local (Error: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE)
[ 11] No servers available for MS_NETLOGON, vserver: 6, domain: netapp.local.
**[ 11] FAILURE: Unable to make a connection (NetLogon:NETAPP.LOCAL), result: 6940
[ 12] CIFS authentication failed
- 在Active Directory端、未找到CIFS服务器的计算机帐户