メインコンテンツまでスキップ
NetApp adopts Microsoft’s Business-to-Customer (B2C) Identity Management
Effective December 3 - NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources. For accounts that did not pre-register (prior to Dec 3) access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity. To learn more, Read the FAQ and Watch the video. Need assistance? Complete this form and select “Registration Issue” as the Feedback Category. 

(強制) ChannelBinding が原因で、 Secure LDAP を使用した操作が失敗しました

Views:
18
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

に適用されます

  • ONTAP 9
  • Microsoft LDAP Server
  • セキュアLDAP
  • LDAPS
  • Start-TLS の実行

問題

  • ONTAP と MS LDAP サーバの間の LDAP 接続を必要とする処理(ファイルの ACL の変更など)は失敗します。
  • EMS および SECD ログに「 Invalid credentials 」イベントが報告されています。このイベントは、セキュアな LDAP 接続の開始時のエラーに関連しているようです。

EMS のイベント

secd: secd.conn.auth.failure:notice]: Vserver (<vserver>) could not authenticate over the network to server (). Error: Invalid credentials (Service: LDAP (Active Directory), Operation: SiteDiscovery).
 
SECD のイベント
 
00000013.007e944b 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] Failure Summary:
00000013.007e944c 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] Error: User authentication procedure failed
00000013.007e944d 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] CIFS SMB2 Share mapping - Client Ip = 1.2.3.4
00000013.007e944e 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] ...
00000013.007e944f 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] [ 9988] Successfully connected to ip 1.2.3.51, port 636 using TCP
00000013.007e9450 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] [ 10202] Unable to start LDAPS: Invalid credentials
00000013.007e9451 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] [ 10202] Additional info: 80090346: LdapErr: DSID-0C090588, comment: AcceptSecurityContext error, data 80090346, v2580
00000013.007e9452 0fc9a7d2 Mon Nov 02 2020 06:14:14 +01:00 [kern_secd:info:8211] [ 10202] Unable to connect to LDAP (Active Directory) service on <server.domain> (Error: Invalid credentials)
up.

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support