跳转到主内容

由于防病毒软件, SVM 无法加入 AD

Views:
24
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

适用于

ONTAP 9

问题

当 Vserver 尝试加入 AD 时,会出现以下错误:  
 
  • EMS 输出:
CIFS SMB2 Share mapping - Client Ip = xx.xx.xx.xx
  [  0 ms] Login attempt by domain user 'domain\user' using NTLMv2 style security
  [    0] No servers available for MS_NETLOGON, vserver: 5, domain: domain.
  [    4] Successfully connected to ip xx.xx.xx.xx, port 389 using TCP
  [   12] Hostname found in Name Service Cache
  [   19] Successfully connected to xx.xx.xx.xx, port 445 using TCP
  [   30] Successfully authenticated with DC domain
  [   35] Unable to connect to NetLogon service on domain (Error: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
  [  2037] TCP connection to ip xx.xx.xx.xx , port 445 via interface xx.xx.xx.xx failed: Operation timed out.
  [  2037] Could not open a socket to 'server.domain'
  [  2037] Unable to connect to NetLogon service on server.domain (Error: RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
  [  2037] No servers available for MS_NETLOGON, vserver: 5, domain: domain
**[  2037] FAILURE: Unable to make a connection (NetLogon:domain), result: 6940
  [  2037] CIFS authentication failed
 
  • SECD 输出:(通过对等方重置连接时输入密钥)
 
| [000.309.254] <000.000.154> debug: Adding new SMB2 session: serverName = mdc01.ml.ccp.com.tw, Uid = 184959075615105 { in AddNewSmb2SessionToGlobalSessionsMap() at src/FrameWork/ClientInfo.cpp:2293 }
| [000.309.840] <000.000.586> info : Successfully authenticated with DC mdc01.ml.ccp.com.tw { in connectToDomainController() at src/connection_manager/secd_connection.cpp:300 }
| [000.309.850] <000.000.010> debug: Connecting to share \\MDC01\ipc$ { in pclConnectToShare() at src/utils/secd_connection_utils.cpp:77 }
| [000.310.376] <000.000.526> debug: Succeeded; open tid: 1 { in pclConnectToShare() at src/utils/secd_connection_utils.cpp:90 }
| [000.310.391] <000.000.015> debug: No Cached scKey for vs5:MDC01 { in getSecureChannelKey() at src/configuration_manager/secd_configuration_manager.cpp:2318 }
| [000.310.397] <000.000.006> debug: Making a RPC to mgwd to get schannel key table entry { in getScKeyFromSmf() at src/configuration_manager/secd_rpc_config.cpp:112 }
| [000.311.421] <000.001.024> debug: SChannel Key for MDC01 not found { in getSChannelKey() at src/authentication/secd_seclibglue.cpp:509 }
| [000.311.428] <000.000.007> debug: Establishing a new SChannel key for MDC01 { in ensureSChannelKeyEstablished() at src/connection_manager/secd_connection.cpp:363 }
| [000.313.755] <000.002.327> ERR : HandleBytesReturnedFromRecv: Failed to receive data on socket: Connection reset by peer { in DisplayPerror() at src/Support/CustomErrors.cpp:56 }
| [000.313.764] <000.000.009> ERR : RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR:6754 in HandleBytesReturnedFromRecv() at src/FrameWork/Socket.cpp:796
| [000.313.772] <000.000.008> ERR : RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR:6754 in ReceiveDataOnSocket() at src/FrameWork/Socket.cpp:911
| [000.313.833] <000.000.061> debug: Logged secd.conn.auth.failure to EMS { in logEmsEventForServerConnAuthError() at src/utils/secd_ems_utils.cpp:375 }
 
  •  数据包跟踪输出: DC 重置 NetrServerReqChallenge 请求

165   xx.xx.xx.xx   xx.xx.xx.xx  RPC_NETLOGON    NetrServerReqChallenge request, FILER01
166   xx.xx.xx.xx    xx.xx.xx.xx   SMB2            Write Response
167   xx.xx.xx.xx   xx.xx.xx.xx    SMB2            Read Request Len:8192 Off:0 File: NETLOGON
168   xx.xx.xx.xx    xx.xx.xx.xx   TCP              445   48596 [RST] Seq=1327 Win=0 Len=0

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device