由于DNS未正确响应、无法访问CIFS共享
适用场景
- ONTAP 9.x
- CIFS
问题描述
- 用户无法使用IP或FQDN访问CIFS共享。
- 由于缓存、某些用户可以使用IP和FQDN进行访问。
- DNS检查显示所有DNS服务器均已启动、并且ONTAP能够联系DNS。
clus1::> vserver services name-service dns show -vserver svm1
Name Server
Vserver Name Server Status Status Details
------------- --------------- ------------ --------------------------
svm1 up Response time (msec): 52
1xx.1xc.x.xx
svm1 up Response time (msec): 345
1xx.1xc.1x.xc
svm1 up Response time (msec): 344
1xx.1xc.1x.xc
3 entries were displayed.
- 未设置前DC。
clus1::*> vserver cifs domain preferred-dc show -vserver svm1
There are no entries matching your query.
- 发现模式设置为全部。
clus1::*> vserver cifs domain discovered-servers discovery-mode show
Vserver Mode
------------- --------
svm1 all
- 未发现服务器。
clus1::*> vserver cifs domain discovered-servers show -vserver svm1
There are no entries matching your query.
- CIFS检查输出如下所示。
clus1::>cifs check -vserver svm1
Vserver : svm1
Cifs NetBIOS Name : nb1_xx
Cifs Status : Running
Site :
Node Name DC Server Name DC Server IP Status Status Details
--------------- -------------- --------------- ------ --------------
node-01 xc000.xxcc.nct - down SecD Error: no server available
node-02 xc000.xxcc.nct - down SecD Error: no server available
2 entries were displayed.
- EMS日志中会显示以下事件。
Wed Feb 26 xx:03:xx +0000 [node-02: secd: secd.dns.srv.lookup.failed:error]: DNS server failed to look up service (_ldap._tcp.cii_encrypt/hCTxcxcxcxcPRY4=/cii_encrypt) for vserver (svm1) with error (No server(s) found).
Wed Feb 26 xx:02:xx +0000 [node-02: secd: secd.cifsAuth.problem:error]: vserver (svm1) General CIFS authentication problem. Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.xx.2xx.xc
[ 0 ms] Login attempt by domain user 'xyz.com\username' using NTLMv2 style security
**[ 1] FAILURE: Unable to make a connection (NetLogon:xc000.xxcc.nct), Result: RESULT_ERROR_SECD_IN_DISCOVERY
[ 1] CIFS authentication failed
[ 2] Unable to make a connection (LDAP (Active Directory):xc000.xxcc.nct), Result: RESULT_ERROR_SECD_IN_DISCOVERY