SASL 绑定到 UNIX LDAP 服务器失败，出现本地错误

适用于

• ONTAP 9
• FreeIPA LDAP 服务器
• LDAP SASL 绑定

问题

• 使用 FreeIPA 作为外部 LDAP 服务器，存储无法通过以下 SecD 日志将 SASL 绑定到 LDAP 服务器

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 0] Resolved LDAP servers: 10.10.10.10. Vserver: 6

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 42] Successfully connected to ip 10.10.10.10, port 389 using TCP

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 44] Entry for host-address: 10.10.10.10 not found in the current source: FILES. Ignoring and trying next available source

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] **[ 69] FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error

Tue Aug 03 2021 10:48:04 +02:00 [kern_secd:info:91312] [ 69] Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server ldap/dc01.ntap.local@NTAP.LOCAL not found in Kerberos database)

• 检查 DNS 以确保 ONTAP 可能连接的所有 LDAP 服务器具有单个正确的 PTR 记录