DNSエラーが原因でCIFSサーバの作成に失敗する
環境
- ONTAP 9
- OnCommand Workflow Automation(WFA)
- System Manager
問題
-
OnCommand Workflow Automation (WFA)を使用してCIFS対応SVMを作成している場合、CIFSサーバを作成する手順が次のエラーで失敗します。
11:16:33.659 INFO [Setup CIFS service] ### Command 'Setup CIFS service' in 'POWER_SHELL' ###
11:16:42.644 INFO [Setup CIFS service] Using cached cluster connection
11:16:43.191 INFO [Setup CIFS service] Credentials successfully provided for 'DOMAIN.COM'
11:16:43.222 INFO [Setup CIFS service] Creating CIFS server with name 'CIFS1' for Storage Virtual Machine 'vserver1'
11:16:50.660 ERROR [Setup CIFS service] Failed to create the Active Directory machine account "CIFS1". Reason: SecD Error: no server available Details: Error: Machine account creation procedure failed [ 2 ms] Trying to re-use machine account 'CIFS1' in 'DOMAIN.COM' for Vserver 'vserver1' **[ 15] FAILURE: Unable to contact DNS to discover domain ** controllers. [ 15] Unable to connect to any (0) domain controllers. [ 21] Unable to contact DNS to discover domain controllers. [ 27] No servers available for MS_LDAP_AD, vserver: 84, domain: DOMAIN.COM.
-
System Managerを使用したCIFSサーバの作成が失敗する
Operation Create Cifs Server failed with error Failed to create the Active Directory machine account. Reason: Unable to connect to any domain controllers.
-
EMSログ:
[NODE-01: secd: secd.unexpectedFailure:error]: Unexpected SecD failure in Vserver "SVM". Details: Error: Machine account creation procedure failed [ 65158] Loaded the preliminary configuration. ** [ 66535] FAILURE: Could not authenticate as 'user@DOMAIN.COM': Cannot find KDC for requested realm (KRB5_REALM_UNKNOWN) [ 66536] Retry requested, but the retry window (7000 ms) has expired; giving up.
-
表示される新しく作成されたSVMのDNSを確認しています:
-
Cluster1::*> dns check -vserver vserver1
Name ServerVserver Name Server Status Status Details
------------- --------------- ------------ --------------------------
vserver1 19.13.0.246 up Response time (msec): 2
vserver1 19.69.0.246 up Response time (msec): 2
2 entries were displayed.
-
- イベントログには次のエラーが含まれています。
secd.dns.srv.lookup.failed: DNS server failed to look up service (_ldap._tcp.dc._msdcs.domain.com) for vserver (vserver1 with error (No such process).secd.dns.srv.lookup.failed: DNS server failed to look up service (_ldap._tcp.DOMAIN.COM) for vserver (vserver1) with error (No such process).
- SVMの作成後にCLIを使用してCIFSサーバを手動で作成することは、正常に機能します。