跳转到主内容

由于ONTAP和DC之间存在时间差异、无法使用主机名访问CIFS共享

Views:
82
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

适用场景

  • ONTAP 9
  • CIFS/SMB
  • Kerberos
  • Linux客户端
  • Windows 客户端

问题描述

  • 无法使用主机名或 FQDN 访问 CIFS 共享
    • CIFS 共享频繁断开连接,卷变得无法访问
    • 在Linux系统上,命令(例如df ) 可能会失败Input/output Error
    • 无法 使用主机名映射SMB (通过带有Samba的UNIX/Linux客户端)共享 

示例:

\\server1 is not accessible. You might not have permission to use this network resource.
Contact the administrator of this server to find out if you have access permissions.

  • Windows 错误:Windows can't access this disc. The disc might be corrupt. Make sure that the disc uses a format that Windows recognizes. If the disc is unformatted, you need to format it before using it.
  • 已发现的域控制器列表 在SVM设置/域选项卡中为空
  • 默认情况下、ONTAP会尝试使用Kerberos进行身份验证。

SECD 和/或EMS日志:

示例:  

Mon Jan 01 18:00:30 -0700 [CLUSTER-XX: secd: secd.cifsAuth.problem:error]: vserver (SVM1) General CIFS authentication problem.
Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.11.XX.XX

[  0 ms] Login attempt by domain user 'Domain\user' using NTLMv2 style security
[    0] Successfully connected to ip 10.1.XX.XX, port 445 using TCP
[    3] Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
[    3] Cluster, Domain Controller or Client time differs by more than the configured clock skew with respect to the others (KRB5KRB_AP_ERR_SKEW)
[    3] Kerberos authentication failed with result: 7537.
[    4] Unable to connect to NetLogon service on dc01.domain.com (Error: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE)
[    4] Successfully connected to ip 10.1.XX.XX, port 445 using TCP
[    7] Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
[    7] Cluster, Domain Controller or Client time differs by more than the configured clock skew with respect to the others (KRB5KRB_AP_ERR_SKEW)
[    7] Kerberos authentication failed with result: 7537.
[    7] Unable to connect to NetLogon service on dc02.domain.com (Error: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE)
[    7] No servers available for MS_NETLOGON, vserver: 3, domain: domain.com.
[    7] FAILURE: Unable to make a connection (NetLogon:DOMAIN.COM), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE
[    8] CIFS authentication failed

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.