跳转到主内容

重置 AD 对象密码后,某些使用 DNS 名称的客户端无法访问 CIFS

Views:
7
Visibility:
Public
Votes:
0
Category:
data-ontap-7
Specialty:
7dot
Last Updated:

适用场景

  • Data ONTAP 7-模式
  • Microsoft Windows
  • CIFS

问题描述

  • 7- 模式 Active Directory ( AD )计算机对象密码已重置,用户无法连接到 CIFS 共享,并显示通用网络错误 "windows cannot Access the specified device path , path , or file"
  • 在 Data ONTAP 模式下运行 "CIFS 设置 " 以重新同步 AD 对象密码,并恢复访问,但某些客户端仍无法使用 DNS 名称进行连接
  • 所有客户端均可使用 IP 地址进行访问
  • 所有客户端都能够对 DNS 名称执行 ping 操作,该名称将解析为正确的 IP 地址
  • 服务主体名称( Service Principle Name , SPN )和 DNS 配置已通过验证
  • 在 ONTAP 中, Windows 事件查看器或 EMS 未显示任何错误
  • 首选域控制器(首选域控制器)在 Data ONTAP 7- 模式中设置,并且某些 DC 会重新启动
  • AD 服务器,客户端和存储系统上的时间在 5 分钟内(无时间偏差)
  • 收集数据包跟踪,以显示客户端在 SMB 会话设置时收到 "KRB5KRB_AP_ERR_modified" 错误
  • 在 EMS 中,可能会同时出现以下错误:
    • cifs.server.errorMsg:error]: CIFS: Error for server \<VSERVER>: CIFS Session Setup Error STATUS_MORE_PROCESSING_REQUIRED.
    • cifs.server.errorMsg:error]: CIFS: Error for server \<DC>: Response is incorrectly signed.

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.