由于缺少 AD-LDAP 服务器的 PTR，secd.kerberos.preauth

最后更新
另存为PDF

Views:: 11

Visibility:: Public

Votes:: 1

Category:: ontap-9

Specialty:: nas

Last Updated:

适用于

ONTAP 9
CIFS
Kerberos

问题描述

即使在 CIFS 密码重置后也报告 ONTAP 事件日志错误

secd.kerberos.preauth: A Kerberos pre-authentication failure occurred for SVM "SVM1" due to invalid credentials for SVM1$@DOMAIN.LOCAL.

在 SECD 中找不到 Kerberos 票证并返回错误：

示例指标1:

Discovery returned ldap1.domain.local (10.1.2.14)

Entry for host-address:10.1.2.14 not found in any of the available sources

Requesting tickets for ldap/10.1.2.14@domain.local

-1765328377/Server not found in Kerberos database

AD-LDAP sasl bind failed. Trying again with new password

示例指标2:

NSLIBC: getaddrinfo(), ../../../../../../src/lib/libc/net/getaddrinfo.c:437, Vsid = 3 Hostname received: XXX.XXX.XXX.XXX
 NSLIBC: __res_nsend(), ../../../../../../src/lib/libc/resolv/res_send.c:843, Vsid = 3 Connected to XXX.XXX.XXX.XXX for DNS
 NSLIBC: log_rcode_and_update_stats(), ../../../../../../src/lib/libc/resolv/res_send.c:489, Vsid = 3 Rcode received from the DNS server(XXX.XXX.XXX.XXX): 3 when querying _kerberos.XXX
 NSLIBC: __res_nquery(), ../../../../../../src/lib/libc/resolv/res_query.c:224, Vsid = 3 ;; rcode = (XXX), counts = an:0 ns:1 ar:0
 [krb5 context 09F29800] No URI records found
 [krb5 context 09F29800] Sending DNS SRV query for _kerberos._udp.XXX

客户展示：

The program cannot open the dialogue box as it cannot determine if the computer named SVM.domain.com is joined to a domain