即使用户映射设置为新 AD ,用户也不会进行身份验证
适用场景
- ONTAP 9
- NAS
- 域 \ 林信任
问题描述
AD 帐户已移至另一个 AD (通过林建立信任),但即使用户映射设置为新 AD ,用户也不会进行身份验证
cluster::> vserver name-mapping show -pattern *user1*
Vserver : vserver1
Direction: win-unix
Position Hostname IP Address/Mask
-------- ---------------- ----------------
1698 - - Pattern : new-ad\\user1
Replacement: user1
Vserver : vserver1
Direction: unix-win
Position Hostname IP Address/Mask
-------- ---------------- ----------------
1698 - - Pattern : user1
Replacement: new-ad\\user1
02/21/2022 10:38:19 node1 ERROR secd.nfsAuth.noCifsCred: vserver (vserver1) NFS authorization cannot retrieve CIFS credentials. Error: Get user credentials procedure failed
[ 1] Determined UNIX id 123456 is UNIX user 'user1'
[ 7] UNIX user 'user1' mapped to Windows user 'NEW.AD\user1'
[ 7] Using cached 'new.ad\user1' SID mapping.
[ 7] Using a cached connection to DC.OLD.AD
**[ 9] FAILURE: Cannot determine AD domain name for 'NEW.AD'
[ 9] Could not get credentials for Windows user 'user1' or SID 'S-x-x-x-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-654321'