Applies to ONTAP 9 Microsoft Active Directory (AD) configured with a one-way trust Issue ONTAP is unable to map a UNIX user to a Windows user from a trusted domain over a one-way trust. This will typi...Applies to ONTAP 9 Microsoft Active Directory (AD) configured with a one-way trust Issue ONTAP is unable to map a UNIX user to a Windows user from a trusted domain over a one-way trust. This will typically occur when a UNIX user via NFS is accessing an export, volume, or file that is NTFS security style. If only a one-way trust exists, this mapping will fail to occur.
Applies to ONTAP 9 CIFS/SMB Issue When creating a CIFS server for an SVM the domain join fails when using Kerberos authentication to bind to AD LDAP Kerberos authentication to bind to the AD LDAP serv...Applies to ONTAP 9 CIFS/SMB Issue When creating a CIFS server for an SVM the domain join fails when using Kerberos authentication to bind to AD LDAP Kerberos authentication to bind to the AD LDAP server fails with: Requested service not found in Active Directory (KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN)
NTFS security style volume/qtree Permission denied when browsing and accessing files and directories in the mounted volume Error: Get user credentials procedure failed [ 0 ms] Determined UNIX id 501 i...NTFS security style volume/qtree Permission denied when browsing and accessing files and directories in the mounted volume Error: Get user credentials procedure failed [ 0 ms] Determined UNIX id 501 is UNIX user 'user1' [ 0] UNIX user 'user1' mapped to Windows user 'DOMAIN_B\user1' [ 2] Could not get credentials for Windows user 'user1' or SID 'S-1-5-21-234345543-1303698708-1846674531-128084' Error: command failed: Failed to get user credentials.
Applies to ONTAP 9 Microsoft Active Directory (AD) configured with a one-way trust Issue ONTAP is unable to apply file ownership to a file if that user is from a trusted domain over a one-way trust vi...Applies to ONTAP 9 Microsoft Active Directory (AD) configured with a one-way trust Issue ONTAP is unable to apply file ownership to a file if that user is from a trusted domain over a one-way trust via the SMB\CIFS protocol, applying or changing file ownership will fail if the user is from a trusted domain. The domain only has a one-way trust with the local domain to which the CIFS server is joined. This is only observed when the security style is NTFS.
Applies to ONTAP 9 Microsoft Active Directory (AD) configured with a one-way trust Description Environment Windows Active Directory with a one-way trust configured. The domain where ONTAP is a m... Applies to ONTAP 9 Microsoft Active Directory (AD) configured with a one-way trust Description Environment Windows Active Directory with a one-way trust configured. The domain where ONTAP is a member has an outgoing trust to the USER domain. The same theory applies whether it is a direct short-cut trust or transitive.
Applies to ONTAP 9 CIFS Issue EMS logs error for the previously trusted domain with no impact: Example: secd.dns.srv.lookup.failed: DNS server failed to look up service (_kerberos._tcp.TRUSTEDDOMAIN.C...Applies to ONTAP 9 CIFS Issue EMS logs error for the previously trusted domain with no impact: Example: secd.dns.srv.lookup.failed: DNS server failed to look up service (_kerberos._tcp.TRUSTEDDOMAIN.COM) for vserver (SVM1) with error (No server(s) found . secd.dns.srv.lookup.failed: DNS server failed to look up service (_kerberos._tcp.TRUSTEDDOMAIN.COM) for vserver (SVM1) with error (Operation timed out). Note: These messages may occur every 4h due to Domain Discovery