メインコンテンツまでスキップ

NetApp wins prestigious Coveo Relevance Pinnacle Award. Learn more!

INSIGHT Japan :2023年 1月25日(水)ANAインターコンチネンタルホテル開催 へ参加・申込を行う

クラスタSVMをActive Directory LDAPで認証できません

Views:
12
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>AD LDAP</a><a>クラスタSVM</a><a>2009108520</a>
Last Updated:

環境

  • ONTAP 9
  • クラスタSVM
  • Active Directory LDAPの略

問題

  • クラスタSVM用に設定されたMicrosoft AD LDAP認証で、ONTAP がUNIXユーザクレデンシャルを取得できません
::> set advanced 
::*> vserver services name-service getxxbyyy getpwbyname -node node1 -vserver ClusterSVM -username ntaptest -show-source true -use-cache false
Error: command failed: Failed to resolve ntaptest. Reason: Entry not found for "username: ntaptest 
  • SecDログに次のイベントが表示されます
Error: Acquire UNIX credentials procedure failed
Entry for user-name: ntaptest not found in the current
source: FILES. Ignoring and trying next available source
[ 6] Using a cached connection to dc01.netapp.local
[ 3301] FAILURE: User 'ntaptest' not found in UNIX authorization source LDAP.
[ 3301] Entry for user-name: ntaptest not found in the current
source: LDAP. Entry for user-name: ntaptest not found in any of the available sources
[ 3303] Unable to retrieve UID for UNIX user ntaptest
Error: command failed: Failed to resolve user name to a UNIX ID. Reason: "SecD Error: object not found".
 
  • UID、uidNumber、gidNumberは、PowerShellを使用してActive DirectoryからUNIX属性を照会するときに動作しません

PS Z:\> get-ADuser <user>-Properties * | select SamAccountName,gidnumber,uidNumber,uid

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device