を使用して CIFS 共有の ACL を設定できませんエラー " コンピュータがに接続されているかどうかを判断できませんドメイン "

最後の更新
PDFとして保存

Views:: 64

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas<a>ACL</a><a>AD LDAP</a><a>Start_TLS</a>

Last Updated:

環境

ONTAP 9
CIFS
Start_TLSまたはLDAPS
Windows Active Directory 統合 LDAP

問題

Windows クライアントで Security タブを使用して CIFS 共有の ACL を設定できません。エラーメッセージ：

例：

"The program cannot open the required dialog box because it cannot determine whether the computer named “cifs -server” is joined to a domain. Close this message, and try again."

SecD のログに「 LDAP TLS」認証エラーが記録される。

例1：

00000013.0076d13a 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.250] debug: LDAP TLS Alert generated is 'fatal:unknown CA'

00000013.0076d13b 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.371] info : Unable to start TLS: Connect error { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2030 }

00000013.0076d13c 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.377] info : Additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2033 }

00000013.0076d13d 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.384] ERR : RESULT_ERROR_LDAPSERVER_CONNECT_ERROR:7652 in ldapInitialize() at src/connection_manager/secd_connection.cpp:2042

00000013.0076d13e 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.390] ERR : ldapInitialize: LDAP Error: (-11): 'Connect error':

例2

00000024.0001e327 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Failure Summary:
 00000024.0001e328 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Error: Get DC Info procedure failed
 00000024.0001e329 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] CIFS Domain Query via LSAR_DS_ROLE_GET_DOMAIN_INFO - Client Ip = XXX.XXX.XXX.XXX User = YYYY\ZZZZZZ
 00000024.0001e32a 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   ...
 00000024.0001e32b 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   13] Unable to connect to LDAP (Active Directory) service on AAAA.BBBB.CCC.com
 00000024.0001e32c 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   13] Successfully connected to ip XXX.XXX.XXX.XXX, port 389 using TCP
 00000024.0001e32d 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   17] Required certificate with CA DDDDDD is not installed
 00000024.0001e32e 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   17] Unable to start TLS: Connect error