无法创建计算机帐户，并出现 LDAP 错误本地错误

适用场景

• ONTAP 9
• Active Directory 服务器
• CIFS 服务器
• LDAP 签名或签章

问题描述

• 尝试为 SVM 创建 Active Directory 或 CIFS 服务器失败，并显示以下错误：

Error: command failed: Failed to create the Active Directory machine account "SVMAD". Reason: LDAP Error: Local error occurred.

• 如果尝试显示问题描述遇到的域控制器，则还会观察到 EMS 事件，例如本示例中的 "olddc1" ：

Tue Jun 15 14:03:17 UTC [cluster-01: secd: secd.conn.auth.failure:notice]: Vserver (svmad) could not authenticate over the network to server (olddc1). Error: Local error ().

Tue Jun 15 14:03:17 UTC [cluster-01: secd: secd.unexpectedFailure:debug]: vserver (svmad) Unexpected failure. Error: Machine account creation procedure failed   [ 19269] Loaded the preliminary configuration.   [ 19294] Successfully connected to ip 10.100.1.100, port 88 using TCP   [ 19974] Successfully connected to ip 10.100.1.100, port 389 using TCP   [ 19974] Entry for host-address: 10.100.1.100 not found in the current source: FILES. Ignoring and trying next available source   [ 20092] Successfully connected to ip 10.100.1.100, port 88 using TCP **[ 20314] FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error   [ 20314]   Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)   [ 20314] Unable to connect to LDAP (Active Directory) service on olddc1.demo.netapp.com (Error: Local error)   [ 20314] Unable to make a connection (LDAP (Active Directory):DEMO.NETAPP.COM), result: 7643   [ 20315] Retry requested, but the retry window (7000 ms) has expired; giving up.