具有 LDAP Start-TLS 或 LDAPS 的 CIFS 失败"未安装 CA xxxx 的必需证书"
适用于
- ONTAP 9
- CIFS
- 轻型目录访问协议 (LDAPS)
- 安全轻型目录访问协议 (LDAP with StartTLS)
问题描述
use-ldaps-for-ad-ldap设置为 true
::> vserver cifs security show -vserver svm1 -fields use-ldaps-for-ad-ldap
vserver use-ldaps-for-ad-ldap
------- ---------------------
svm1 true或
use-start-tls-for-ad-ldap设置为 true
::> vserver cifs security show -vserver svm1 -fields use-start-tls-for-ad-ldap
vserver use-start-tls-for-ad-ldap
------- ---------------------
svm1 true
- CIFS 服务器创建或修改失败
示例 (LDAPS):
[ 7] Successfully connected to ip XXXX, port 636 using TCP [ 11] Required certificate with CA XXXX is not installed [ 11] Unable to start LDAPS: Can't contact LDAP server [ 11] Additional info: error:0A000086:SSL routines::certificate verify failed (unable to get local issuer certificate) [ 11] Unable to connect to LDAP (NIS & Name Mapping) service on XXXX (Error: Can't contact LDAP server) [ 11] No servers available for LDAP_NIS_AND_NAME_MAPPING, vserver: 15, domain: . **[ 11] FAILURE: Unable to make a connection (LDAP (NIS & Name Mapping):), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE