無効な情報を持つPTRが原因でsecd.conn.auth.failureまたはsecd.ldap.noServers:EMERGENCYエラーが発生する

環境

• ONTAP 9
• DNS

問題

• LDAP署名/封印で保護されたLDAPサーバ
• EMSログに次のエラーが記録される：secd.conn.auth.failure:notice  またはsecd.ldap.noServers:EMERGENCY
• サイトディスカバリ：
• EMS：

secd: secd.ldap.noServers:EMERGENCY]: None of the LDAP servers configured for Vserver <VServer Name> are currently accessible via the network

• SecD：

[auth_secd:notice] GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)

• GPO処理：

SecD

.------------------------------------------------------------------------------.
                                 RPC FAILURE:
                       secd_rpc_gpo_get_list has failed
                        Result = 0, RPC Result = 6940
                   RPC received at Thu Feb 13 09:51:42 2020
------------------------------------------------------------------------------'

FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error
Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)
Unable to connect to LDAP (Active Directory) service on dc1.demo.netapp.com (Error: Local error)
No servers available for MS_LDAP_AD, vserver: 3, domain: demo.netapp.com.
Unable to make a connection (LDAP (Active Directory):DEMO.NETAPP.COM), result: 6940

• このエラー状態 SPN （ldap/ gc.demo NetApp .com）の詳細は正しくありません（dc1.demo NetApp .com：

info : [krb5 context 0991DC00] ccselect can't find appropriate cache for server principal ldap/gc.demo.netapp.com@

注：パケットトレースでは、 TGS-REQ はエラーを返します。 KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN