メインコンテンツまでスキップ

ユーザまたはマシンアカウントの属性が見つからないため、 LDAP サーバは使用不可とマークされています

Views:
110
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

環境

ONTAP 9

問題

  • ユーザまたはマシンアカウントの属性情報が見つからないため、 LDAP サーバは使用不可とマークされています。
  • LDAP は、 passwd および group lookup のソースとして ns スイッチ上に設定されています

CDOT::*> ns-switch  show -vserver svm1
                Source
Vserver      Database     Order
--------------- ------------   ---------
svm1       hosts      files,
                dns
svm1       group     files,  
                ldap  <<<<<<
svm1       passwd     files,
                ldap  <<<<<< 
svm1       netgroup     files
svm1       namemap     files

  • vserver cifs domain discovered-servers show では、ユーザまたはマシンアカウントに対してクエリを実行すると、 LDAP サーバが「使用できない」として表示されます。

CDOT::*> diag secd authentication show-creds -vserver svm1 -node CDOT-01 -win-name naslab\india-dc1$
 UNIX UID: pcuser <> Windows User: NASLAB\INDIA-DC1$ (Windows Domain User)

 GID: pcuser
 Supplementary GIDs:
  pcuser

 Primary Group SID: NASLAB\Domain Controllers (Windows Domain group)

 Windows Membership:
  NASLAB\Domain Controllers (Windows Domain group)
  NASLAB\Denied RODC Password Replication Group (Windows Alias)
  NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS (Windows Well known group)
  Service asserted identity (Windows Well known group)
 User is also a member of Authenticated Users, Network Users, and Everyone

 Privileges (0x2000):
  SeChangeNotifyPrivilege

CDOT::*> vserver  cifs domain  discovered-servers show -vserver svm1
Node: CDOT-01
Vserver: svm1

Domain Name    Type    Preference DC-Name      DC-Address    Status
--------------- -------- ---------- --------------- --------------- ---------
""       LDAP    adequate   india-dc1     10.216.41.190   undetermined
""       LDAP    adequate   india-dc2     10.216.41.191   undetermined
""       LDAP    adequate   india-dc3     10.216.41.30   undetermined
""       LDAP    adequate   windowslds    10.216.41.29   unavailable  <<<<<<<<<<<<<
naslab.local   MS-DC   adequate   india-dc1     10.216.41.190   undetermined
naslab.local   MS-DC   adequate   india-dc2     10.216.41.191   undetermined
naslab.local   MS-DC   adequate   india-dc3     10.216.41.30   undetermined
naslab.local   MS-DC   adequate   windowslds    10.216.41.29   OK

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.