メインコンテンツまでスキップ

無効なIPを持つPTRが原因で、ONTAP 9でsecd.conn.auth.failure:noticeまたはsecd.ldap.noServers:EMERGENCYエラーが発生します

Views:
122
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>LDAP 署名</a><a>LDAP シーリング</a><a>SecD</a>
Last Updated:

環境

ONTAP 9

問題

  • LDAP サーバは、 LDAP の署名と封印によって保護されています
  • EMSログのエラー: secd.conn.auth.failure:noticeまたは secd.ldap.noServers:EMERGENCY
  • サイトディスカバリ:
  • EMS

secd: secd.ldap.noServers:EMERGENCY]: None of the LDAP servers configured for Vserver <VServer Name> are currently accessible via the network

  • SecD:

[auth_secd:notice] GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)

  • GPO処理:

SecD

.------------------------------------------------------------------------------.
                                 RPC FAILURE:
                       secd_rpc_gpo_get_list has failed
                        Result = 0, RPC Result = 6940
                   RPC received at Thu Feb 13 09:51:42 2020
------------------------------------------------------------------------------'

FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error
Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)
Unable to connect to LDAP (Active Directory) service on dc1.demo.netapp.com (Error: Local error)
No servers available for MS_LDAP_AD, vserver: 3, domain: demo.netapp.com.
Unable to make a connection (LDAP (Active Directory):DEMO.NETAPP.COM), result: 6940

  • このエラー状態SPN (LDAP / gc.demo.netapp.com)の詳細は正しくありません(dc1.demo.netapp.com:)

info : [krb5 context 0991DC00] ccselect can't find appropriate cache for server principal ldap/gc.demo.netapp.com@

注: パケットトレースで は、TGS-REQ はエラーを返します KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.