SASL 绑定到 UNIX LDAP 服务器失败，并显示本地错误

适用场景

• ONTAP 9
• FreeIPA LDAP 服务器
• LDAP SASL 绑定

问题描述

• 使用Freeipa作为外部LDAP服务器时、存储无法使用以下SecD日志将SASL绑定到LDAP服务器

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 0] Resolved LDAP servers: 10.10.10.10. Vserver: 6

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 42] Successfully connected to ip 10.10.10.10, port 389 using TCP

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 44] Entry for host-address: 10.10.10.10 not found in the current source: FILES. Ignoring and trying next available source

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] **[ 69] FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 69] Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server ldap/dc01.ntap.local@NTAP.LOCAL not found in Kerberos database)

• 检查DNS以确保ONTAP可能连接到的所有LDAP服务器都具有一个正确的PTR记录