由于CVE-2022-38023、FPolicy服务器无法进行身份验证
适用场景
- ONTAP 9
- FPolicy
- RPC_NETLOGON
- CVE-2022-38023
问题描述
更新Microsoft域控制器后、FPolicy服务器无法与ONTAP通信;正在对RPC_NETLOGON管道强制执行密封
显示的EMS日志示例:
[CLUSTER01-01: secd: secd.strong.auth.required:alert]: Stronger authentication enforced by LDAP server for Vserver VSV-001. 4/25/2023 10:14:51 CLUSTER01-01 ERROR secd.cifsAuth.problem: vserver (VSV-001) General CIFS authentication problem. Error: User authentication procedure failed (Retries: 2) CIFS SMB2 Share mapping - Client Ip = 10.2.1.13 **[ 64] Attempt 1 FAILURE: Unexpected state: Error 6756 at file:src/FrameWork/ClientInfo.cpp func:RemoveAllSharesFromGlobalSession line:4025 **[ 64] Attempt 1 FAILURE: Pass-through authentication failed. (Status: 0xC000005E) **[ 110] Attempt 2 FAILURE: Unexpected state: Error 6756 at file:src/FrameWork/ClientInfo.cpp func:RemoveAllSharesFromGlobalSession line:4025 **[ 110] Attempt 2 FAILURE: Pass-through authentication failed. (Status: 0xC000005E)