Skip to main content
NetApp Knowledge Base

Unable to set ACLs for the CIFS share with an error "cannot determine whether the computer is joined to a domain"

Views:
724
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
cifs
Last Updated:

Applies to

  • ONTAP 9
  • CIFS
  • Start_TLS
  • Windows Active Directory integrated LDAP

Issue

  • Unable to set ACLs for the CIFS share using the Security tab on a Windows client with an error message:
Exapmle:
"The program cannot open the required dialog box because it cannot determine whether the computer named “cifs -server” is joined to a domain. Close this message, and try again."
  • SecD logs show following "LDAP TLS " authentication errors.
Example 1:
00000013.0076d13a 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.250] debug: LDAP TLS Alert generated is 'fatal:unknown CA'
00000013.0076d13b 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.371] info : Unable to start TLS: Connect error { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2030 }
00000013.0076d13c 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.377] info : Additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed { in ldapInitialize() at src/connection_manager/secd_connection.cpp:2033 }
00000013.0076d13d 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.384] ERR : RESULT_ERROR_LDAPSERVER_CONNECT_ERROR:7652 in ldapInitialize() at src/connection_manager/secd_connection.cpp:2042
00000013.0076d13e 094b3eb1 Thu Sep 03 2020 21:57:50 +01:00 [kern_secd:info:14298] | [005.348.390] ERR : ldapInitialize: LDAP Error: (-11): 'Connect error':
 
Example 2:​​​
00000024.0001e327 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Failure Summary:
00000024.0001e328 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] Error: Get DC Info procedure failed
00000024.0001e329 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345] CIFS Domain Query via LSAR_DS_ROLE_GET_DOMAIN_INFO - Client Ip = XXX.XXX.XXX.XXX User = YYYY\ZZZZZZ
00000024.0001e32a 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   ...
00000024.0001e32b 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [    13] Unable to connect to LDAP (Active Directory) service on AAAA.BBBB.CCC.com
00000024.0001e32c 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [    13] Successfully connected to ip XXX.XXX.XXX.XXX, port 389 using TCP
00000024.0001e32d 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [    17] Required certificate with CA DDDDDD is not installed
00000024.0001e32e 02a31434 Thu Feb 04 2021 00:00:00  00:00 [kern_secd:info:12345]   [    17] Unable to start TLS: Connect error​​​​

 

CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support