跳转到主内容

NetApp wins prestigious Coveo Relevance Pinnacle Award. Learn more!

INSIGHT Japan :2023年 1月25日(水)ANAインターコンチネンタルホテル開催 へ参加・申込を行う

由于 LDAP 模式不正确, LDAP 客户端 UNIX 用户名转换失败

Views:
3
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>LDAP</a><a>2008866698</a><a>LDAP模式</a>
Last Updated:

适用场景

  • ONTAP 9
  • LDAP 模式
  • Windows AD LDAP

问题描述

使用 Microsoft Active Directory LDAP 作为目录存储时, ONTAP 无法检索 UNIX 用户凭据。
 
::>set advanced
::*>vserver services access-check authentication show-creds -node <node> -vserver <svm> -unix-user-name <unix-user>
 
SecD 日志显示以下错误
[kern_secd:info:15834] Error: Get user credentials procedure failed
[kern_secd:info:15834] [ 38] Retrieved CIFS credentials via S4U2Self for full Windows user name 'test@NTAP.LOCAL'
[kern_secd:info:15834] [ 88] Trying to map 'NTAP\TEST' to UNIX user 'test' using implicit mapping
[kern_secd:info:15834] [ 101] Hostname found in Name Service Cache
[kern_secd:info:15834] [ 101] Resolved LDAP servers: 10.10.10.130. Vserver: 2
[kern_secd:info:15834] [ 101] Failed to initiate Kerberos authentication. Trying NTLM.
[kern_secd:info:15834] [ 102] Successfully connected to ip 10.10.10.130, port 3268 using TCP
[kern_secd:info:15834] **[ 109] FAILURE: User 'test' not found in UNIX authorization source LDAP.
[kern_secd:info:15834] [ 109] Entry for user-name: test not found in the current source: LDAP. Entry for user-name: test not found in any of the available sources
 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device