节点加入现有集群后、登录到用户创建的SP管理员帐户失败、权限被拒绝

适用场景

ONTAP 9.9.1

问题描述

• 用户在集群中创建了一个管理员角色SP帐户、该帐户可以从集群中的节点登录：

                      Vserver: cluster-01
      User Name or Group Name: fasadmin
                  Application: service-processor
        Authentication Method: password
     Remote Switch IP Address: -
                    Role Name: admin
               Account Locked: no
                 Comment Text: -
      Whether Ns-switch Group: no
Second Authentication Method2: none

• 新节点加入当前集群后、即使在节点重新启动后、它们也无法登录到SP帐户：

[~]$ ssh fasadmin@10.xxx.xx.185
The authenticity of host '10.xxx.xx.185(10.xxx.xx.185)' can't be established.
ECDSA key fingerprint is SHA256:+xANMpHpDEQoLmhd0Kmi1AW2PwHeI5daI3znYbr+2eM.
ECDSA key fingerprint is MD5:8e:37:01:73:xx:xx:xx:xx:xx:xx:xx:7c:1c:bd:f7:5b.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/server-admins/.ssh/known_hosts).
admin@10.xxx.xx.185'>fasadmin@10.xxx.xx.185's password:

Permission denied, please try again.

• 所有节点均可登录到默认SP管理员帐户：

[ ~]$ ssh admin@10.xxx.xx.185
The authenticity of host '10.xxx.xx.185(10.xxx.xx.185)' can't be established.
ECDSA key fingerprint is SHA256:+xANMpHpDEQoLmhd0Kmi1AW2PwHeI5daI3znYbr+2eM.
ECDSA key fingerprint is MD5:8e:37:01:73:xx:xx:xx:xx:xx:xx:xx:7c:1c:bd:f7:5b.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/server-admins/.ssh/known_hosts).
SP new-node-01>     

• SP-LATEST-SYSLOG 并 SP-DEBUG-MLOG-TXT.GZ 显示SP帐户配置文件同步失败：

cat /var/log/authlog.1 /var/log/authlog | tail -c 20480
========================================================
Aug  3 14:16:05 (none) sshd[2020]: Invalid user fasadmin from 10.xxx.xx.37 port 56708
Aug  3 14:16:07 (none) sshd[2020]: Failed none for invalid user fasadmin from 10.xxx.xx.37 port 56708 ssh2
Aug  3 14:16:22 (none) sshd[2020]: Failed password for invalid user fasadmin from 10.xxx.xx.37 port 56708 ssh2

2022-08-03 11:20:09.826 [sp_config_0] [rlm_push_config]: sending cluster user refresh command
2022-08-03 11:20:09.826 [sp_config_0] [sp_user_mgmt:info]: sp_cluster_user_update: op 3; action 7 6-update 7-refresh
2022-08-03 11:20:09.826 [sp_config_0] [sp_configd:info]: request queued: cmd 0xb
2022-08-03 11:20:09.826 [sp_cluster_user_mgmt_wq_wq] [sp_user_mgmt:info]: sp_cluster_usr_mgmt_process_msg: received SP_CLUSTER_USER_REFRESH
2022-08-03 11:20:09.826 [sp_cluster_user_mgmt_wq_wq] [sp_user_mgmt:info]: sp_get_cluster_usr_lst: userprofile_all_retry_cnt 10
2022-08-03 11:20:09.826 [sp_configd_pq] [sp_configd:info]: request sent: cmd 0xb
2022-08-03 11:20:09.829 [sp_cluster_user_mgmt_wq_wq] [sp_user_mgmt:info]: sp_get_cluster_usr_lst: Unable to get next [entry doesn't exist]; err 4; userCount 0
2022-08-03 11:20:09.829 [sp_cluster_user_mgmt_wq_wq] [sp_user_mgmt:error]: sp_get_cluster_usr_lst: rpc_error rtn; user count 0