メインコンテンツまでスキップ

を使用して CIFS 共有の ACL を設定できません エラー " コンピュータがに接続されているかどうかを判断できません ドメイン "

Views:
78
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas<a>ACL</a><a>AD LDAP</a><a>Start_TLS</a>
Last Updated:

環境

  • ONTAP 9
  • CIFS
  • Start_TLSまたはLDAPS
  • Windows Active Directory 統合 LDAP

問題

  • Windows クライアントで Security タブを使用して CIFS 共有の ACL を設定できません。エラーメッセージ:
例:
"The program cannot open the required dialog box because it cannot determine whether the computer named “cifs -server” is joined to a domain. Close this message, and try again."
  • SecD のログに「 LDAP TLS」認証エラーが記録される。
例1:
00000013.0076d13a 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.250] debug: LDAP TLS Alert generated is 'fatal:unknown CA'
00000013.0076d13b 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.371] info : Unable to start TLS: Connect error { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2030 }
00000013.0076d13c 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.377] info : Additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2033 }
00000013.0076d13d 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.384] ERR : RESULT_ERROR_LDAPSERVER_CONNECT_ERROR:7652 in ldapInitialize() at src/connection_manager/secd_connection.cpp:2042
00000013.0076d13e 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.390] ERR : ldapInitialize: LDAP Error: (-11): 'Connect error':
 
例2​​​
00000024.0001e327 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Failure Summary:
00000024.0001e328 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Error: Get DC Info procedure failed
00000024.0001e329 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] CIFS Domain Query via LSAR_DS_ROLE_GET_DOMAIN_INFO - Client Ip = XXX.XXX.XXX.XXX User = YYYY\ZZZZZZ
00000024.0001e32a 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   ...
00000024.0001e32b 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   13] Unable to connect to LDAP (Active Directory) service on AAAA.BBBB.CCC.com
00000024.0001e32c 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   13] Successfully connected to ip XXX.XXX.XXX.XXX, port 389 using TCP
00000024.0001e32d 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   17] Required certificate with CA DDDDDD is not installed
00000024.0001e32e 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [   17] Unable to start TLS: Connect error​​​​

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.