CIFS のセットアップが失敗し、「 Active Directory にこのアカウントの Kerberos キーがありません」というメッセージが表示される
環境
- Data ONTAP 7-Mode
- Kerberos
問題
- CIFS のセットアップが次のエラーで失敗する:
Could not authenticate with domain controller: No Kerberos keys for this account in Active Directory.
- 例
*> cifs setup
This process will enable CIFS access to the filer from a Windows(R) system.
Use "?" for help at any prompt and Ctrl-C to exit without committing changes.
This filer is currently a member of the Active Directory domain
'NASLAB.LOCAL'.
Do you want to continue and change the current filer account information? [n]: y
Your filer does not have WINS configured and is visible only to
clients on the same subnet.
Do you want to make the system visible via WINS? [n]:
This filer is currently configured as an NTFS-only filer.
Would you like to reconfigure this filer to be a multiprotocol filer? [n]:
The default name for this CIFS server is 'VRAMAMUR-VSIM'.
Would you like to change this name? [n]:
Data ONTAP CIFS services support four styles of user authentication.
Choose the one from the list below that best suits your situation.
(1) Active Directory domain authentication (Active Directory domains only)
(2) Windows NT 4 domain authentication (Windows NT or Active Directory domains)
(3) Windows Workgroup authentication using the filer's local user accounts
(4) /etc/passwd and/or NIS/LDAP authentication
In order to create an Active Directory machine account for the filer,
you must supply the name and password of a Windows account with
sufficient privileges to add computers to the NASLAB.LOCAL domain.
Enter the name of the Windows user [Administrator@NASLAB.LOCAL]:
Password for Administrator@NASLAB.LOCAL:
Could not authenticate with domain controller: No Kerberos keys for this account in Active Directory.
To recover, reset account password on DC, then either wait for or force
Active Directory synchronization.
CIFS - unable to log into domain as Administrator@NASLAB.LOCAL.
Please try again (Ctrl-C to exit).
Enter the name of the Windows user [Administrator@NASLAB.LOCAL]: