集群SVM无法使用Active Directory LDAP进行身份验证
适用场景
- ONTAP 9
- 集群SVM
- Active Directory LDAP
问题描述
- 已为集群SVM配置Microsoft AD LDAP身份验证、ONTAP 无法检索UNIX用户凭据
::> set advanced ::*> vserver services name-service getxxbyyy getpwbyname -node node1 -vserver ClusterSVM -username ntaptest -show-source true -use-cache falseError: command failed: Failed to resolve ntaptest. Reason: Entry not found for "username: ntaptest - SecD日志显示以下事件
Error: Acquire UNIX credentials procedure failedEntry for user-name: ntaptest not found in the currentsource: FILES. Ignoring and trying next available source[ 6] Using a cached connection to dc01.netapp.local[ 3301] FAILURE: User 'ntaptest' not found in UNIX authorization source LDAP.[ 3301] Entry for user-name: ntaptest not found in the currentsource: LDAP. Entry for user-name: ntaptest not found in any of the available sources[ 3303] Unable to retrieve UID for UNIX user ntaptestError: command failed: Failed to resolve user name to a UNIX ID. Reason: "SecD Error: object not found".- 使用PowerShell从Active Directory查询UNIX属性时、UID、uidNumber、gidNumber为empy
PS Z:\> get-ADuser <user>-Properties * | select SamAccountName,gidnumber,uidNumber,uid