跳转到主内容
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

无法创建 Active Directory 计算机帐户原因:在 ONTAP 9 的 AD 中禁用 SMB1 时,发生套接字接收错误

Views:
64
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

 

适用场景

  • ONTAP 9
  • 集群模式 Data ONTAP 8.3 及更高版本

问题描述

  • 尝试在 ONTAP 中创建 CIFS SVM 时,会出现以下错误:​​​​​​
    • 集群输出

Cluster1::> vserver cifs create -vserver SMV1 -cifs-server SVM1 -domain company.com
In order to create an Active Directory machine account for the CIFS server, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=Computers" container within the "company.net" domain.
Enter the user name: win_user
Enter the password:***

  • 已为此问题描述记录三个错误:

Machine account creation procedure failed
[ 153] Loaded the preliminary configuration.
[ 185] Created a machine account in the domain
[ 188] Successfully connected to 10.0.0.1:445 using TCP
[ 189] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 191] Successfully connected to 10.0.0.1:445 using TCP
[ 193] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 193] No servers available for MS_LSA, vserver: 5, domain: company.com.**
[ 193] : to make a connection** (LSA:COMPANY.COM), result: 6940
[ 193] Could not find Windows SID 'S-1-5-21-2755096389-2719828064-xxxxxxx-512'
[ 197] Deleted existing account 'CN=svm1,CN=Computers,DC=company,DC=com': command failed: Failed to create the Active Directory machine account "SVM1". Reason: SecD : no server available.

Error: Machine account creation procedure failed
  [    85] Loaded the preliminary configuration.
  [   130] Created a machine account in the domain
  [   131] SID to name translations of Domain Users and Admins
           completed successfully
  [   134] Successfully connected to ip 10.0.0.1, port 88 using
           TCP
  [   137] Successfully connected to ip 10.0.0.1, port 464 using
           TCP
  [   163] Kerberos password set for 'SVM1.company.LOCAL' succeeded
  [   163] Set initial account password
  [   171] Successfully connected to ip 10.0.0.1, port 445 using
           TCP
  [   172] Unable to connect to NetLogon service on
      SVM1.company.local (Error:
           RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
**[   172] FAILURE: Unable to make a connection
**         (NetLogon:COMPANY.LOCAL), result: 6754
  [   172] Unable to make a NetLogon connection to SMV1.company.local
           using the new machine account
  [   202] Deleted existing account
           'CN=SVM1,CN=Computers,DC=company,DC=local'
 
Error: command failed: Failed to create the Active Directory machine account "SVM1". Reason: Socket receive error.
Cause.

secd.conn.auth.failure: Vserver (na06) could not make a connection over the network to server (10.2.251.198) via interface 10.1.251.77. Error: Connection reset by peer.
Failure Summary:
Error: User authentication procedure failed
CIFS SMB2 Share mapping - Client Ip = 10.1.191.54
  [  0 ms] Login attempt by domain user 'OFFICE01\Administrator' using NTLMv1 style security
  [    1] Successfully connected to ip 10.2.251.198, port 445 using TCP
  [    2] Unable to connect to NetLogon service on server.com. (Error: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
  [    5] Successfully connected to ip 10.1.251.195, port 445 using TCP
  [   15] Successfully authenticated with DC server.com
  [   18] Authentication failed with DC VISAD5. Not retriable. (Status: 0xc0000064)
  [   18] Login attempt by local user 'OFFICE01\Administrator' using NTLMv1 style security
**[   18] FAILURE: CIFS authentication failed

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support