跳转到主内容

无法访问文件、因为用户帐户已在Active Directory中锁定

Views:
4
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>2008566653</a><a>帐户已锁定</a><a>、无法进行转换</a>
Last Updated:

适用场景

  • ONTAP 9
  • CIFS/SMB

问题描述

  • 客户端无法与文件/文件夹进行交互、并且在Active Directory用户帐户被锁定时可能会遇到权限问题。
  • 我们可以运行以下命令进行确认:
 ::> set advanced ::*> vserver services access-check authentication show-creds -node node-01 -vserver svm -unix-user-name <root> Vserver: sbm1 (internal ID: 40) Error: Get user credentials procedure failed [ 0 ms] Determined UNIX id 0 is UNIX user 'root' [ 0] UNIX user 'root' mapped to Windows user 'DOMAIN\root' [ 0] Using cached 'DOMAIN\root' SID mapping. [ 11] Successfully connected to ip 10.20.40.80, port 88 using TCP **[ 16] FAILURE: Could not get credentials via S4U2Self based on ** full Windows user name 'root@DOMAIN.LOCAL'. A 'root' or SID 'S-2-8-21-338539323-9078145449-725348543-25819' Error: command failed: Failed to get user credentials. Reason: "Kerberos Error: Clients credentials have been revoked". 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.