无法访问文件、因为用户帐户已在Active Directory中锁定
适用场景
- ONTAP 9
- CIFS/SMB
问题描述
- 客户端无法与文件/文件夹进行交互、并且在Active Directory用户帐户被锁定时可能会遇到权限问题。
- 我们可以运行以下命令进行确认:
::> set advanced ::*> vserver services access-check authentication show-creds -node node-01 -vserver svm -unix-user-name <root> Vserver: sbm1 (internal ID: 40) Error: Get user credentials procedure failed [ 0 ms] Determined UNIX id 0 is UNIX user 'root' [ 0] UNIX user 'root' mapped to Windows user 'DOMAIN\root' [ 0] Using cached 'DOMAIN\root' SID mapping. [ 11] Successfully connected to ip 10.20.40.80, port 88 using TCP **[ 16] FAILURE: Could not get credentials via S4U2Self based on ** full Windows user name 'root@DOMAIN.LOCAL'. A 'root' or SID 'S-2-8-21-338539323-9078145449-725348543-25819' Error: command failed: Failed to get user credentials. Reason: "Kerberos Error: Clients credentials have been revoked".