secd.ldap.noServers:EMERGENCY、因为在ONTAP升级后发现可信DC

[node1: secd: secd.ldap.noServers:EMERGENCY]: None of the LDAP servers configured for Vserver (SVM1) are currently accessible via the network for LDAP service type (Service: LDAP (Active Directory), Operation: SiteDiscovery).
 

[node1: secd: secd.conn.auth.failure:notice]: Vserver (SVM1) could not make a connection over the network to server (ip <TrustedDC>, port 389). Error: Operation timed out (Service: LDAP (Active Directory), Operation: SiteDiscovery).

注意：  受信任域控制器的EMS条目。升级之前、没有此类 日志条目。

A Kerberos pre-authentication failure occurred for SVM "svm_ZUSCUPxxST1xx" due to invalid credentials for ZUxCUPDAXxxx$@TAAAXxx01.LOCAL

• 为受信任域发现的MS-LDAP服务器不可用：
  • ::> vserver cifs domain discovered-servers show -vserver <svm>
• 继续解决方案之前、可以执行以下故障排除步骤
  • 确保SVM与可信DC之间的通信：
    • LDAP 到可信DC不会被防火墙等阻止
    • 域控制器响应LDAP请求。
    • 如果指定的受信任域不再存在：
      • 表面错误、无影响
      • 从Active Directory中删除任何已停用的域信任关系以防止出现错误