安全守护进程( secd )无法按 UID 和名称查找本地 UNIX 用户
状态信息
适用场景
- ONTAP 9.3P5 及更早版本
- 集群模式 Data ONTAP 8
问题描述
- 安全守护进程( secd )无法按 UID 和名称查找或转换某些 UNIX 用户。
- 新创建的本地 UNIX 用户也会受到此问题的影响。
- 受影响的 UNIX 用户无法挂载和访问数据。
- 符合 ONTAP 版本限制的用户数量—均在范围内
Cluster1::> set advanced
Cluster1::*> vserver services name-service unix-group max-limit show
Limit Current Count
-------------- --------------
16384 344
Cluster1::*> vserver services name-service unix-user max-limit show
Limit Current Count
-------------- --------------
16384 864
- 定义的 UNIX 用户的详细信息:
Cluster1::*> unix-user show -vserver SVM01 -user NewUser
Vserver: SVM01
User Name: NewUser
User ID: 1234
Primary Group ID: 321
User's Full Name:
- UNIX 名称和 UID 的转换均失败
Cluster1::*> diag secd authentication translate -node NODE01 -vserver SVM01 -uid 1234
Vserver: SVM01 (internal ID: 8)
Error: Acquire UNIX credentials procedure failed
[ 0 ms] Entry for user-id: 1234 not found in the current source:
FILES. Entry for user-id: 1234 not found in any of the available sources
**[ 0] FAILURE: Unable to retrieve UNIX username for UID 1234
Error: command failed: Failed to resolve User ID '1234' to a user name. Reason: "SecD Error: object not found".
Cluster1::*> diag secd authentication translate -node NODE01 -vserver SVM01 -unix-user-name NewUser
Vserver: SVM01 (internal ID: 8)
Error: Acquire UNIX credentials procedure failed
[ 0 ms] Entry for user-name: NewUser not found in the current
source: FILES. Entry for user-name: NewUser not found in
any of the available sources
**[ 0] FAILURE: Unable to retrieve UID for UNIX user NewUser
Error: command failed: Failed to resolve user name to a UNIX ID. Reason: "SecD Error: object not found"
- UNIX 用户凭据显示失败
Cluster1::*> diag secd authentication show-creds -node NODE01 -vserver SVM01 -unix-user-name NewUser
Vserver: SVM01 (internal ID: 8)
Error: Acquire UNIX credentials procedure failed
[ 0 ms] Entry for user-name: NewUser not found in the current
source: FILES. Entry for user-name: NewUser not found in
any of the available sources
**[ 0] FAILURE: Unable to retrieve UID for UNIX user NewUser
Error: command failed: Failed to resolve user name to a UNIX ID. Reason: "SecD Error: object not found".