Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

3rd party firewall on Active Directory is blocking  ports 389 and 445

Views:
270
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

Applies to

  • ONTAP 9
  • SMB/CIFS

Issue

  • When attempting to reach out to Active Directory (AD), AD closes the connection when attempting to connect to ports 389 or 445.
  • This can be seen via TCPDUMP:
clipboard_e1f3334ad1e0cce0a176f81190292165a.png
 
  • We also can see this in secd/ems logs:

[Cluster01-01: secd: secd.cifsAuth.problem:error]: vserver (SVM1) General CIFS authentication problem. Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.1.1.2

[ 0 ms] Login attempt by domain user 'NetApp\bob' using NTLMv2 style security

[ 0] Using a cached connection to DC1.NetApp.com

[ 26] Authentication failed with DC DC1. Not retriable. (Status: 0xc0000064)

[ 27] Unable to find the NetBIOS domain name for Active Directory '.' **

[ 27] FAILURE: CIFS authentication failed

[ 2125] TCP connection to ip 10.10.10.10, port 389 via interface 10.10.10.2 failed: Operation timed out.

[ 4159] Unable to connect to LDAP (Active Directory) service on DC2.NetApp.com (Error: Can't contact LDAP server

 

 

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support