Skip to main content
NetApp Knowledge Base

Failed to create the Active Directory machine account Reason: Socket receive error when SMB1 is disabled in AD on ONTAP 9

Views:
7,179
Visibility:
Public
Votes:
4
Category:
ontap-9
Specialty:
nas
Last Updated:

 

Applies to

  • ONTAP 9
  • cifs create

Issue

  • When attempting to create a CIFS vserver within ONTAP, the following error is observed:    ​​​​​​
    • Cluster output

Cluster1::> vserver cifs create -vserver SMV1 -cifs-server SVM1 -domain company.com
In order to create an Active Directory machine account for the CIFS server, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "CN=Computers" container within the "company.net" domain.
Enter the user name: win_user
Enter the password:***

  • Three Errors have been noted for this issue:

Machine account creation procedure failed
[ 153] Loaded the preliminary configuration.
[ 185] Created a machine account in the domain
[ 188] Successfully connected to 10.0.0.1:445 using TCP
[ 189] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 191] Successfully connected to 10.0.0.1:445 using TCP
[ 193] to connect to LSA service on SVM1.company.com (: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 193] No servers available for MS_LSA, vserver: 5, domain: company.com.**
[ 193] : to make a connection** (LSA:COMPANY.COM), result: 6940
[ 193] Could not find Windows SID 'S-1-5-21-2755096389-2719828064-xxxxxxx-512'
[ 197] Deleted existing account 'CN=svm1,CN=Computers,DC=company,DC=com': command failed: Failed to create the Active Directory machine account "SVM1". Reason: SecD : no server available.

Error: Machine account creation procedure failed
  [    85] Loaded the preliminary configuration.
  [   130] Created a machine account in the domain
  [   131] SID to name translations of Domain Users and Admins
           completed successfully
  [   134] Successfully connected to ip 10.0.0.1, port 88 using
           TCP
  [   137] Successfully connected to ip 10.0.0.1, port 464 using
           TCP
  [   163] Kerberos password set for 'SVM1.company.LOCAL' succeeded
  [   163] Set initial account password
  [   171] Successfully connected to ip 10.0.0.1, port 445 using
           TCP
  [   172] Unable to connect to NetLogon service on
           SVM1.company.local (Error:
           RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
**[   172] FAILURE: Unable to make a connection
**         (NetLogon:COMPANY.LOCAL), result: 6754
  [   172] Unable to make a NetLogon connection to SMV1.company.local
           using the new machine account
  [   202] Deleted existing account
           'CN=SVM1,CN=Computers,DC=company,DC=local'
 
Error: command failed: Failed to create the Active Directory machine account "SVM1". Reason: Socket receive error.
Cause.

secd.conn.auth.failure: Vserver (na06) could not make a connection over the network to server (10.2.251.198) via interface 10.1.251.77. Error: Connection reset by peer.
Failure Summary:
Error: User authentication procedure failed
CIFS SMB2 Share mapping - Client Ip = 10.1.191.54
  [  0 ms] Login attempt by domain user 'OFFICE01\Administrator' using NTLMv1 style security
  [     1] Successfully connected to ip 10.2.251.198, port 445 using TCP
  [     2] Unable to connect to NetLogon service on server.com. (Error: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
  [     5] Successfully connected to ip 10.1.251.195, port 445 using TCP
  [    15] Successfully authenticated with DC server.com
  [    18] Authentication failed with DC VISAD5. Not retriable. (Status: 0xc0000064)
  [    18] Login attempt by local user 'OFFICE01\Administrator' using NTLMv1 style security
**[    18] FAILURE: CIFS authentication failed

 

 

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

Scan to view the article on your device