メインコンテンツへスキップ

ONTAPとDCの時差が原因でホスト名のCIFS共有にアクセスできない

  1. 最後の更新
  2. PDFとして保存
Views:
211
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

環境

  • ONTAP 9
  • CIFS / SMB
  • Kerberos
  • Linuxクライアント
  • Windowsクライアント

問題

  • ホスト名またはFQDNでCIFS共有にアクセスできない
    • CIFS共有が頻繁に切断され、ボリュームにアクセスできなくなる
    • Linuxシステムでは 、コマンド(df など)が次のようなエラーで失敗することがあります。Input/output Error
    • (Sambaを使用したUNIX/Linuxクライアント経由で)SMB 共有をホスト名でマッピングできない 

例:

\\server1 is not accessible. You might not have permission to use this network resource.
Contact the administrator of this server to find out if you have access permissions.

  • Windows エラー: Windows can't access this disc. The disc might be corrupt. Make sure that the disc uses a format that Windows recognizes. If the disc is unformatted, you need to format it before using it.
  • [SVM設定/ドメイン]タブで検出されたドメインコントローラのリストが空です
  • ONTAPは、デフォルトでKerberosを使用して認証を試みます。

SecD / EMSログ:

例:  

Mon Jan 01 18:00:30 -0700 [CLUSTER-XX: secd: secd.cifsAuth.problem:error]: vserver (SVM1) General CIFS authentication problem.
Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.11.XX.XX

[  0 ms] Login attempt by domain user 'Domain\user' using NTLMv2 style security
[    0] Successfully connected to ip 10.1.XX.XX, port 445 using TCP
[    3] Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
[    3] Cluster, Domain Controller or Client time differs by more than the configured clock skew with respect to the others (KRB5KRB_AP_ERR_SKEW)
[    3] Kerberos authentication failed with result: 7537.
[    4] Unable to connect to NetLogon service on dc01.domain.com (Error: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE)
[    4] Successfully connected to ip 10.1.XX.XX, port 445 using TCP
[    7] Encountered NT error (NT_STATUS_MORE_PROCESSING_REQUIRED) for SMB command SessionSetup
[    7] Cluster, Domain Controller or Client time differs by more than the configured clock skew with respect to the others (KRB5KRB_AP_ERR_SKEW)
[    7] Kerberos authentication failed with result: 7537.
[    7] Unable to connect to NetLogon service on dc02.domain.com (Error: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE)
[    7] No servers available for MS_NETLOGON, vserver: 3, domain: domain.com.
[    7] FAILURE: Unable to make a connection (NetLogon:DOMAIN.COM), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE
[    8] CIFS authentication failed

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.