跳转到主内容
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

无法为与的 CIFS 共享设置 ACL 错误 " 无法确定计算机是否已加入 域 "

Views:
26
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

适用场景

  • ONTAP 9
  • CIFS
  • start_tls
  • Windows Active Directory 集成 LDAP

问题描述

  • 无法使用 Windows 客户端上的 " 安全 " 选项卡为 CIFS 共享设置 ACL,并显示错误消息:
Exapmle :
"The program cannot open the required dialog box because it cannot determine whether the computer named “cifs -server” is joined to a domain. Close this message, and try again."
  • SecD 日志显示以下 "LDAP TLS" 身份验证错误。
示例 1
00000013.0076d13a 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.250] debug: LDAP TLS Alert generated is 'fatal:unknown CA'
00000013.0076d13b 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.371] info : Unable to start TLS: Connect error { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2030 }
00000013.0076d13c 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.377] info : Additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2033 }
00000013.0076d13d 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.384] ERR : RESULT_ERROR_LDAPSERVER_CONNECT_ERROR:7652 in ldapInitialize() at src/connection_manager/secd_connection.cpp:2042
00000013.0076d13e 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.390] ERR : ldapInitialize: LDAP Error: (-11): 'Connect error':
 
示例 2​​​
00000024.0001e327 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Failure Summary:
00000024.0001e328 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Error: Get DC Info procedure failed
00000024.0001e329 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] CIFS Domain Query via LSAR_DS_ROLE_GET_DOMAIN_INFO - Client Ip = XXX.XXX.XXX.XXX User = YYYY\ZZZZZZ
00000024.0001e32a 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   ...
00000024.0001e32b 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   13] Unable to connect to LDAP (Active Directory) service on AAAA.BBBB.CCC.com
00000024.0001e32c 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   13] Successfully connected to ip XXX.XXX.XXX.XXX, port 389 using TCP
00000024.0001e32d 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   17] Required certificate with CA DDDDDD is not installed
00000024.0001e32e 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   17] Unable to start TLS: Connect error​​​​

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support