即使用户映射设置为新 AD ，用户也不会进行身份验证

最后更新
另存为PDF

Views:: 19

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas<a>2009083772</a>

Last Updated:

适用场景

ONTAP 9
NAS
域 \ 林信任

问题描述

AD 帐户已移至另一个 AD （通过林建立信任），但即使用户映射设置为新 AD ，用户也不会进行身份验证

cluster::> vserver name-mapping show -pattern *user1*
 Vserver  : vserver1
 Direction: win-unix
 Position Hostname         IP Address/Mask
 -------- ---------------- ----------------
 1698     -                -                Pattern   : new-ad\\user1
                                            Replacement: user1
 Vserver  : vserver1
 Direction: unix-win
 Position Hostname     IP Address/Mask
 -------- ---------------- ----------------
 1698   -         -         Pattern   : user1
                       Replacement: new-ad\\user1

02/21/2022 10:38:19 node1 ERROR secd.nfsAuth.noCifsCred: vserver (vserver1) NFS authorization cannot retrieve CIFS credentials. Error: Get user credentials procedure failed
   [ 1] Determined UNIX id 123456 is UNIX user 'user1'
   [ 7] UNIX user 'user1' mapped to Windows user 'NEW.AD\user1'
   [ 7] Using cached 'new.ad\user1' SID mapping.
   [ 7] Using a cached connection to DC.OLD.AD
 **[ 9] FAILURE: Cannot determine AD domain name for 'NEW.AD'
   [ 9] Could not get credentials for Windows user 'user1' or SID 'S-x-x-x-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-654321'