Cannot configure LDAPS in LDAP Client
Applies to
ONTAP
Issue
After installing the required certificate so that the LDAP client configuration can use LDAPS, the following error is received:
secd: secd.nfsAuth.noCifsCred:error]: vserver (svm_cifs) NFS authorization cannot retrieve CIFS credentials. Error: Get user credentials procedure failed ...
Unable to connect to LDAP (Active Directory) service on dc1.AD.local
Successfully connected to ip 10.10.10.10, port 389 using TCP
[ 243] Required certificate with CA Certificate Root CA 01 is not installed
[ 243] Unable to start TLS: Connect error
[ 243] Additional info: error:0A000086:SSL routines::certificate verify failed (unable to get local issuer certificate)
[ 244] Unable to connect to LDAP (Active Directory) service on dc2.AD.local
[ 2251] TCP connection to ip 10.10.10.11, port 389 failed: Operation timed out.
[ 2252] Unable to start TLS: Can't contact LDAP server
[ 2253] Unable to connect to LDAP (Active Directory) service on dc3.AD.local
[ 4261] TCP connection to ip 10.10.10.22, port 389 failed: Operation timed out.
[ 4262] Unable to start TLS: Can't contact LDAP server
[ 4262] Unable to connect to LDAP (Active Directory) service on dc4.AD.local
[ 6271] TCP connection to ip 10.10.10.160, port 389 failed: Operation timed out.
[ 6272] Unable to start TLS: Can't contact LDAP server
[ 6273] Unable to connect to LDAP (Active Directory) service on dc5.AD.local
[ 8281] TCP connection to ip 10.10.10.161, port 389 failed: Operation timed out.
[ 8283] Unable to start TLS: Can't contact LDAP server
[ 8283] Unable to connect to LDAP (Active Directory) service on dc6.AD.local
**[ 8283] FAILURE: Unable to make a connection (LDAP (Active Directory):AD.local), result: 6942
[ 8284] Could not get credentials via LDAP for Windows user 'UnixUser' based on SID 'S-1-5-21-111111111-2222222222-333333'
[ 8284] Could not get credentials for Windows user 'UnixUser' or SID 'S-1-5-21-111111111-2222222222-333333...[Please refer to secd log for more detail!]
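
A triage sketch for the trace above, added here as an example and not part of the original article or of ONTAP: it groups the secd lines by server IP and separates the certificate-trust failure from the plain TCP timeouts, which are two different problems. The function names and the `trust`/`network` labels are assumptions; the sample lines are copied from this page.

```python
import re
from collections import OrderedDict

# Sample input: a subset of the secd trace lines shown in this article.
TRACE = """\
Successfully connected to ip 10.10.10.10, port 389 using TCP
[ 243] Required certificate with CA Certificate Root CA 01 is not installed
[ 243] Unable to start TLS: Connect error
[ 243] Additional info: error:0A000086:SSL routines::certificate verify failed (unable to get local issuer certificate)
[ 2251] TCP connection to ip 10.10.10.11, port 389 failed: Operation timed out.
[ 2252] Unable to start TLS: Can't contact LDAP server
[ 4261] TCP connection to ip 10.10.10.22, port 389 failed: Operation timed out.
[ 4262] Unable to start TLS: Can't contact LDAP server
"""

CONNECT_OK = re.compile(r"Successfully connected to ip (\S+), port (\d+)")
CONNECT_FAIL = re.compile(r"TCP connection to ip (\S+), port (\d+) failed: (.+?)\.?$")
MISSING_CA = re.compile(r"Required certificate with CA Certificate (.+) is not installed")
VERIFY_FAIL = re.compile(r"certificate verify failed \((.+)\)")

def triage(trace):
    """Group the trace by server IP and label each attempt's failure class."""
    attempts = OrderedDict()
    current = None  # attempt whose TCP connect succeeded and is now in TLS setup
    for line in trace.splitlines():
        if m := CONNECT_OK.search(line):
            current = attempts.setdefault(m[1], {"port": int(m[2]), "cause": "unknown"})
        elif m := CONNECT_FAIL.search(line):
            # Never reached the TLS handshake: a reachability problem, not a certificate one.
            attempts[m[1]] = {"port": int(m[2]), "cause": "network", "detail": m[3]}
            current = None
        elif current is not None and (m := MISSING_CA.search(line)):
            current.update(cause="trust", missing_ca=m[1])
        elif current is not None and (m := VERIFY_FAIL.search(line)):
            current.update(cause="trust", detail=m[1])
    return attempts

def summary(attempts):
    """Return (IPs failing on certificate trust, IPs failing on TCP connect)."""
    trust = [ip for ip, a in attempts.items() if a["cause"] == "trust"]
    network = [ip for ip, a in attempts.items() if a["cause"] == "network"]
    return trust, network

if __name__ == "__main__":
    for ip, info in triage(TRACE).items():
        print(ip, info)
```
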