Cannot configure LDAPS in LDAP Client
Applies to
ONTAP
Issue
After installing the required certificate for LDAP Client Config to use LDAPS, received error
secd: secd.nfsAuth.noCifsCred:error]: vserver (svm_cifs) NFS authorization cannot retrieve CIFS credentials. Error: Get user credentials procedure failed ...
Unable to connect to LDAP (Active Directory) service on dc1.AD.localSuccessfully connected to ip 10.10.10.10, port 389 using TCP[ 243] Required certificate with CA Certificate Root CA 01 is not installed[ 243] Unable to start TLS: Connect error[ 243] Additional info: error:0A000086:SSL routines::certificate verify failed (unable to get local issuer certificate)[ 244] Unable to connect to LDAP (Active Directory) service on dc2.AD.local[ 2251] TCP connection to ip 10.10.10.11, port 389 failed: Operation timed out.[ 2252] Unable to start TLS: Can't contact LDAP server[ 2253] Unable to connect to LDAP (Active Directory) service on dc3.AD.local[ 4261] TCP connection to ip 10.10.10.22, port 389 failed: Operation timed out.[ 4262] Unable to start TLS: Can't contact LDAP server[ 4262] Unable to connect to LDAP (Active Directory) service on dc4.AD.local[ 6271] TCP connection to ip 10.10.10.160, port 389 failed: Operation timed out.[ 6272] Unable to start TLS: Can't contact LDAP server[ 6273] Unable to connect to LDAP (Active Directory) service on dc5.AD.local[ 8281] TCP connection to ip 10.10.10.161, port 389 failed: Operation timed out.[ 8283] Unable to start TLS: Can't contact LDAP server[ 8283] Unable to connect to LDAP (Active Directory) service on dc6.AD.local**[ 8283] FAILURE: Unable to make a connection (LDAP (Active Directory):AD.local), result: 6942[ 8284] Could not get credentials via LDAP for Windows user 'UnixUser' based on SID 'S-1-5-21-111111111-2222222222-333333'[ 8284] Could not get credentials for Windows user 'UnixUser' or SID 'S-1-5-21-111111111-2222222222-333333...[Please refer to secd log for more detail!]