クラスタSVMをActive Directory LDAPで認証できません
環境
- ONTAP 9
- クラスタSVM
- Active Directory LDAPの略
問題
- クラスタSVM用に設定されたMicrosoft AD LDAP認証で、ONTAP がUNIXユーザクレデンシャルを取得できません
::> set advanced ::*> vserver services name-service getxxbyyy getpwbyname -node node1 -vserver ClusterSVM -username ntaptest -show-source true -use-cache falseError: command failed: Failed to resolve ntaptest. Reason: Entry not found for "username: ntaptest - SecDログに次のイベントが表示されます
Error: Acquire UNIX credentials procedure failedEntry for user-name: ntaptest not found in the currentsource: FILES. Ignoring and trying next available source[ 6] Using a cached connection to dc01.netapp.local[ 3301] FAILURE: User 'ntaptest' not found in UNIX authorization source LDAP.[ 3301] Entry for user-name: ntaptest not found in the currentsource: LDAP. Entry for user-name: ntaptest not found in any of the available sources[ 3303] Unable to retrieve UID for UNIX user ntaptestError: command failed: Failed to resolve user name to a UNIX ID. Reason: "SecD Error: object not found".- UID、uidNumber、gidNumberは、PowerShellを使用してActive DirectoryからUNIX属性を照会するときに動作しません
PS Z:\> get-ADuser <user>-Properties * | select SamAccountName,gidnumber,uidNumber,uid