- ONTAP 9
- Active Directory
- Clients are not able to interact with file/folders and may get permissions issues when Active Directory user account is locked.
- We can confirm by running below command:
::> set advanced ::*> vserver services access-check authentication show-creds -node node-01 -vserver svm -unix-user-name <root> Vserver: sbm1 (internal ID: 40) Error: Get user credentials procedure failed [ 0 ms] Determined UNIX id 0 is UNIX user 'root' [ 0] UNIX user 'root' mapped to Windows user 'DOMAIN\root' [ 0] Using cached 'DOMAIN\root' SID mapping. [ 11] Successfully connected to ip 10.20.40.80, port 88 using TCP **[ 16] FAILURE: Could not get credentials via S4U2Self based on ** full Windows user name 'root@DOMAIN.LOCAL'. A 'root' or SID 'S-2-8-21-338539323-9078145449-725348543-25819' Error: command failed: Failed to get user credentials. Reason: "Kerberos Error: Clients credentials have been revoked".