Skip to main content
NetApp Knowledge Base

Failed to create the Active Directory machine account Reason: Socket receive error when SMB1 is disabled in AD on ONTAP 9

Views:
2,842
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
cifs
Last Updated:

 

Applies to

  • ONTAP 9
  • Clustered Data ONTAP 8.3 and higher

Issue

  • When attempting to create a CIFS vserver within ONTAP, the following error is observed:    ​​​​​​
    • Cluster output

Cluster1::> vserver cifs create -vserver SMV1 -cifs-server SVM1 -domain company.com
In order to create an Active Directory machine account for the CIFS server, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=Computers" container within the "company.net" domain.
Enter the user name: win_user
Enter the password:***

  • Three Errors have been noted for this issue:

Machine account creation procedure failed
[ 153] Loaded the preliminary configuration.
[ 185] Created a machine account in the domain
[ 188] Successfully connected to 10.0.0.1:445 using TCP
[ 189] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 191] Successfully connected to 10.0.0.1:445 using TCP
[ 193] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 193] No servers available for MS_LSA, vserver: 5, domain: company.com.**
[ 193] : to make a connection** (LSA:COMPANY.COM), result: 6940
[ 193] Could not find Windows SID 'S-1-5-21-2755096389-2719828064-xxxxxxx-512'
[ 197] Deleted existing account 'CN=svm1,CN=Computers,DC=company,DC=com': command failed: Failed to create the Active Directory machine account "SVM1". Reason: SecD : no server available.

Error: Machine account creation procedure failed
  [    85] Loaded the preliminary configuration.
  [   130] Created a machine account in the domain
  [   131] SID to name translations of Domain Users and Admins
           completed successfully
  [   134] Successfully connected to ip 10.0.0.1, port 88 using
           TCP
  [   137] Successfully connected to ip 10.0.0.1, port 464 using
           TCP
  [   163] Kerberos password set for 'SVM1.company.LOCAL' succeeded
  [   163] Set initial account password
  [   171] Successfully connected to ip 10.0.0.1, port 445 using
           TCP
  [   172] Unable to connect to NetLogon service on
           SVM1.company.local (Error:
           RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
**[   172] FAILURE: Unable to make a connection
**         (NetLogon:COMPANY.LOCAL), result: 6754
  [   172] Unable to make a NetLogon connection to SMV1.company.local
           using the new machine account
  [   202] Deleted existing account
           'CN=SVM1,CN=Computers,DC=company,DC=local'
 
Error: command failed: Failed to create the Active Directory machine account "SVM1". Reason: Socket receive error.
Cause.

secd.conn.auth.failure: Vserver (na06) could not make a connection over the network to server (10.2.251.198) via interface 10.1.251.77. Error: Connection reset by peer.
Failure Summary:
Error: User authentication procedure failed
CIFS SMB2 Share mapping - Client Ip = 10.1.191.54
  [  0 ms] Login attempt by domain user 'OFFICE01\Administrator' using NTLMv1 style security
  [     1] Successfully connected to ip 10.2.251.198, port 445 using TCP
  [     2] Unable to connect to NetLogon service on server.com. (Error: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
  [     5] Successfully connected to ip 10.1.251.195, port 445 using TCP
  [    15] Successfully authenticated with DC server.com
  [    18] Authentication failed with DC VISAD5. Not retriable. (Status: 0xc0000064)
  [    18] Login attempt by local user 'OFFICE01\Administrator' using NTLMv1 style security
**[    18] FAILURE: CIFS authentication failed

 

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support