信息无效的PTR导致secd.conn.auth.failure或secd.ldap.noServers:EMERGENCY错误
- Views:
- 10
- Visibility:
- Public
- Votes:
- 0
- Category:
- ontap-9
- Specialty:
- nas<a>LDAP 签名</a><a>LDAP 密封</a><a>秒</a>
- Last Updated:
适用场景
- ONTAP 9
问题描述
- LDAP服务器通过LDAP签名和/或签章进行保护
- EMS日志中存在错误:
secd.conn.auth.failure:notice
或secd.ldap.noServers:EMERGENCY
- 站点发现:
- EMS:
secd: secd.ldap.noServers:EMERGENCY]: None of the LDAP servers configured for Vserver <VServer Name> are currently accessible via the network
- SECD:
[auth_secd:notice] GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
- GPO处理:
SECD
.------------------------------------------------------------------------------.
RPC FAILURE:
secd_rpc_gpo_get_list has failed
Result = 0, RPC Result = 6940
RPC received at Thu Feb 13 09:51:42 2020
------------------------------------------------------------------------------'
FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error
Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
Unable to connect to LDAP (Active Directory) service on dc1.demo.netapp.com (Error: Local error)
No servers available for MS_LDAP_AD, vserver: 3, domain: demo.netapp.com.
Unable to make a connection (LDAP (Active Directory):DEMO.NETAPP.COM), result: 6940
- 此错误状态 SPN (ldap/gc.demo.netapp.com)的详细信息不正确(dc1.demo.netapp.com:
info : [krb5 context 0991DC00] ccselect can't find appropriate cache for server principal ldap/gc.demo.netapp.com@
注意: 在数据包跟踪中 、TGS-REQ 返回错误 KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN