来自特定 HA 对或节点的 EMS secd.conn.auth.failure
适用场景
- ONTAP 9
- 域隧道认证
问题描述
- 针对集群中的特定 ONTAP 节点注意到的 EMS 消息:
[node-04: secd:secd.conn.auth.failure:notice]: Vserver (vserver1) could not make a connection over the network to server (ip 10.0.0.1, port 88). Error: No route to host ().
[node-04: secd: secd.conn.auth.failure:notice]: Vserver (vserver1) could not make a connection over the network to server (ip 10.0.0.1, port 88). Error: Can't assign requested address ().
[node-04: secd:secd.conn.auth.failure:notice]: Vserver (vserver1) could not make a connection over the network to server (ip 10.0.0.1, port 88). Error: Operation timed out().
[node-04: secd: secd.kerberos.preauth:error]: A Kerberos pre-authentication failure occurred for SVM (vserver1) due to invalid credentials for users@Domain.LOCAL.
[node-04: secd: secd.cifsAuth.problem:error]: vserver (vserver1) General CIFS authentication problem. Error: Ontap admin cifs authentication basic procedure failed
[ 16 ms] Successfully connected to ip 10.0.0.1, port 88 using TCP
[ 63] Successfully connected to ip 10.0.0.1, port 88 using TCP
**[ 106] FAILURE: Could not authenticate as 'users@Domain.LOCAL': Invalid Credentials (KRB5KDC_ERR_PREAUTH_FAILED).
[ 143] Kerberos authentication failed. Skipping NTLM
[ 143] Ontap-admin-login-cifs failed"
- 网络配置:
::> network interface show
Logical Status Network Current Current Is
Vserver Interface Admin/Oper Address/Mask Node Port Home
----------- ---------- ---------- ------------------ ------------- ------- ----
vserver1
vserver1a_client up/up 10.0.0.1/24 node-05 a0b true
vserver1b_client up/up 10.4.1.2/24 node-06 a0b true
vserver1c_client up/up 10.4.1.6/24 node-05 a0b true
vserver1d_client up/up 10.4.1.7/24 node-06 a0b true
注意: node-04 正在报告 EMS 警报,并且没有配置 LIF