KerberosエラーKRB5KRB_AP_AP_ERR_MODIFIEDが原因でCIFSが停止しています
環境
- ONTAP 9
- Kerberos
問題
- CIFSクライアントヲニンショウデキナイ
- ONTAPはドメインコントローラへの認証を試み、KerberosエラーKRB5KRB_AP_ERR_MODIFIEDを受け取ります。
- EMSのメッセージ
7/14/2023 14:14:14 cluster1node2 ERROR secd.cifsAuth.problem: vserver (svm_name) General CIFS authentication problem. Error: User authentication procedure failed
CIFS SMB2 Share mapping - Client Ip = 10.22.222.22
[ 0 ms] Login attempt by domain user 'DOMAIN\user_name' using NTLMv2 style security
[ 229] Successfully connected to ip 10.194.157.15, port 445 using TCP
[ 699] Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
[ 699] Message stream modified (KRB5KRB_AP_ERR_MODIFIED)
[ 699] Kerberos authentication failed with result: 7541.
[ 699] Unable to connect to NetLogon service on dc_name.DOMAIN.com (Error: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE)
[ 700] No servers available for MS_NETLOGON, vserver: 27, domain: DOMAIN.com.
**[ 700] FAILURE: Unable to make a connection (NetLogon:DOMAIN.COM), result: 6940
[ 700] CIFS authentication failed