3rd party firewall on Active Directory is blocking ports 389 and 445

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 270

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: cifs

Last Updated:

Applies to

ONTAP 9
SMB/CIFS

Issue

When attempting to reach out to Active Directory (AD), AD closes the connection when attempting to connect to ports 389 or 445.
This can be seen via TCPDUMP:

We also can see this in secd/ems logs:

[Cluster01-01: secd: secd.cifsAuth.problem:error]: vserver (SVM1) General CIFS authentication problem. Error: User authentication procedure failed CIFS SMB2 Share mapping - Client Ip = 10.1.1.2

[ 0 ms] Login attempt by domain user 'NetApp\bob' using NTLMv2 style security

[ 0] Using a cached connection to DC1.NetApp.com

[ 26] Authentication failed with DC DC1. Not retriable. (Status: 0xc0000064)

[ 27] Unable to find the NetBIOS domain name for Active Directory '.' **

[ 27] FAILURE: CIFS authentication failed

[ 2125] TCP connection to ip 10.10.10.10, port 389 via interface 10.10.10.2 failed: Operation timed out.

[ 4159] Unable to connect to LDAP (Active Directory) service on DC2.NetApp.com (Error: Can't contact LDAP server