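Kerberos communication does not work with an RODC in a CIFS environment
Applies to
- NetApp ONTAP 9
- CIFS
- Domain controller (DC)
- Read-only DC (RODC)
- Read/write DC (RWDC)
- Kerberos
- Demilitarized zone (DMZ)
Issue
In a CIFS environment that has only RODCs, Kerberos communication does not work.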
secd: secd.unexpectedFailure:debug: vserver (<vserver>) Unexpected failure. Error: Lookup of CIFS account SID procedure failed
Successfully connected to ip <rodc>, port 445 using TCP
Improper format of Kerberos configuration file (KRB5_CONFIG_BADFORMAT)
Failed to initiate Kerberos authentication. Trying NTLM.
Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
Successfully authenticated with DC <rodc>
Could not find Windows SID '<sid>'
FAILURE: SID lookup failed
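
The following triage script is an added example, not NetApp code. It flags connection attempts in a secd trace where Kerberos setup failed, the session fell back to NTLM, and the SID lookup then failed, as in the trace above. It assumes one message per line and that each attempt begins with a "Successfully connected to ip" line; `Attempt`, `parse_trace` and the sample address and SID are hypothetical names and placeholders.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: messages as in the trace above; address and SID are placeholders.
SAMPLE_TRACE = """\
Successfully connected to ip 192.0.2.10, port 445 using TCP
Improper format of Kerberos configuration file (KRB5_CONFIG_BADFORMAT)
Failed to initiate Kerberos authentication. Trying NTLM.
Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
Successfully authenticated with DC 192.0.2.10
Could not find Windows SID 'S-1-5-21-0-0-0-1000'
FAILURE: SID lookup failed
"""

CONNECT = re.compile(r"Successfully connected to ip (\S+), port (\d+)")
KRB_ERR = re.compile(r"\((KRB5\w+)\)")

@dataclass
class Attempt:
    server: str
    port: int
    krb_error: Optional[str] = None
    ntlm_fallback: bool = False
    authenticated: bool = False
    sid_lookup_failed: bool = False

    def matches_symptom(self) -> bool:
        # Kerberos never started, NTLM was used instead, and the SID lookup failed.
        return bool(self.krb_error) and self.ntlm_fallback and self.sid_lookup_failed

def parse_trace(text: str) -> List[Attempt]:
    attempts: List[Attempt] = []
    for line in text.splitlines():
        m = CONNECT.search(line)
        if m:  # assumption: each attempt begins with a "connected" line
            attempts.append(Attempt(m.group(1), int(m.group(2))))
        elif attempts:  # lines before the first connection are ignored
            cur = attempts[-1]
            k = KRB_ERR.search(line)
            if k:
                cur.krb_error = k.group(1)
            cur.ntlm_fallback |= "Trying NTLM" in line
            cur.authenticated |= "Successfully authenticated with DC" in line
            cur.sid_lookup_failed |= "SID lookup failed" in line
    return attempts

if __name__ == "__main__":
    for a in parse_trace(SAMPLE_TRACE):
        print(a.server, a.krb_error, "MATCH" if a.matches_symptom() else "no match")
```

An attempt that authenticates over NTLM but still fails the SID lookup is reported as a match, so the script separates this symptom from an ordinary authentication failure.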