跳转到主内容

启用签章 / 签名后,无法修改 ACL 权限 MS-LDAP

Views:
29
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用场景

  • ONTAP 9
  • LDAP
  • CIFS/SMB

问题描述

  • 启用 LDAP签名/签章后、无法修改ACL权限
  • SECD 日志显示 LDAP服务器连接 失败:
 
Failure Summary:
[kern_secd:info:17440] [ 2771] Unable to SASL bind to LDAP server using GSSAPI: Can't contact LDAP server
[kern_secd:info:17440] [ 2777] Successfully connected to ip xxx.xxx.xxx.xx, port 88 using TCP
[kern_secd:info:17440] [ 2789] Could not authenticate as 'xxxx$@xxx.xxx.xx.xx.xx': Generic preauthentication failure (KRB5_PREAUTH_FAILED)
[kern_secd:info:17440] [ 2789] Unable to start LDAPS: Can't contact LDAP server

secd.ldap.noServers:EMERGENCY]: None of the LDAP servers configured for Vserver (SVM) are currently accessible via 
the network for LDAP service type (Service: LDAP (Active Directory)
 
Details:
[000.298.509] info : Source: DNS unavailable. Entry for host-address:xxx.xxx.xx.xx not found in any of the available sources { in SecdCbNsJournal() at src/utils/secd_ns_utils.cpp:96 }
[000.298.704] debug: ldap_sasl_interactive_bind_s returned -2 { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:571 }
[000.298.711] ERR : Unable to SASL bind to LDAP server using GSSAPI: Local error { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:575 }
[000.298.716] info : Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Cannot determine realm for numeric host address) { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:578 }
[000.298.723] ERR : RESULT_ERROR_LDAPSERVER_LOCAL_ERROR:7643 in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:582
[000.298.729] ERR : ldapSaslBindGssapi: LDAP Error: (-2): 'Local error':
  • 客户端显示 "程序无法打开所需的对话框、因为它无法确定名为"host"的计算机是否已加入域"

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.