跳转到主内容

无法创建 Active Directory 计算机帐户原因:在 ONTAP 9 的 AD 中禁用 SMB1 时,发生套接字接收错误

Views:
79
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>ONTAP 9</a><a> 集群模式 Data ONTAP 8.3</a><a> 1007041</a><a> 1081261 </a>
Last Updated:

 

适用场景

  • ONTAP 9
  • CIFS创建

问题描述

  • 尝试在 ONTAP 中创建 CIFS SVM 时,会出现以下错误:​​​​​​
    • 集群输出

Cluster1::> vserver cifs create -vserver SMV1 -cifs-server SVM1 -domain company.com
In order to create an Active Directory machine account for the CIFS server, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=Computers" container within the "company.net" domain.
Enter the user name: win_user
Enter the password:***

  • 已为此问题描述记录三个错误:

Machine account creation procedure failed
[ 153] Loaded the preliminary configuration.
[ 185] Created a machine account in the domain
[ 188] Successfully connected to 10.0.0.1:445 using TCP
[ 189] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 191] Successfully connected to 10.0.0.1:445 using TCP
[ 193] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 193] No servers available for MS_LSA, vserver: 5, domain: company.com.**
[ 193] : to make a connection** (LSA:COMPANY.COM), result: 6940
[ 193] Could not find Windows SID 'S-1-5-21-2755096389-2719828064-xxxxxxx-512'
[ 197] Deleted existing account 'CN=svm1,CN=Computers,DC=company,DC=com': command failed: Failed to create the Active Directory machine account "SVM1". Reason: SecD : no server available.

Error: Machine account creation procedure failed
  [    85] Loaded the preliminary configuration.
  [   130] Created a machine account in the domain
  [   131] SID to name translations of Domain Users and Admins
           completed successfully
  [   134] Successfully connected to ip 10.0.0.1, port 88 using
           TCP
  [   137] Successfully connected to ip 10.0.0.1, port 464 using
           TCP
  [   163] Kerberos password set for 'SVM1.company.LOCAL' succeeded
  [   163] Set initial account password
  [   171] Successfully connected to ip 10.0.0.1, port 445 using
           TCP
  [   172] Unable to connect to NetLogon service on
      SVM1.company.local (Error:
           RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
**[   172] FAILURE: Unable to make a connection
**         (NetLogon:COMPANY.LOCAL), result: 6754
  [   172] Unable to make a NetLogon connection to SMV1.company.local
           using the new machine account
  [   202] Deleted existing account
           'CN=SVM1,CN=Computers,DC=company,DC=local'
 
Error: command failed: Failed to create the Active Directory machine account "SVM1". Reason: Socket receive error.
Cause.

secd.conn.auth.failure: Vserver (na06) could not make a connection over the network to server (10.2.251.198) via interface 10.1.251.77. Error: Connection reset by peer.
Failure Summary:
Error: User authentication procedure failed
CIFS SMB2 Share mapping - Client Ip = 10.1.191.54
  [  0 ms] Login attempt by domain user 'OFFICE01\Administrator' using NTLMv1 style security
  [    1] Successfully connected to ip 10.2.251.198, port 445 using TCP
  [    2] Unable to connect to NetLogon service on server.com. (Error: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
  [    5] Successfully connected to ip 10.1.251.195, port 445 using TCP
  [   15] Successfully authenticated with DC server.com
  [   18] Authentication failed with DC VISAD5. Not retriable. (Status: 0xc0000064)
  [   18] Login attempt by local user 'OFFICE01\Administrator' using NTLMv1 style security
**[   18] FAILURE: CIFS authentication failed

 

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device