CIFS shares become inaccessible after disabling NTLM on AD Domain
Applies to
- ONTAP 9
- CIFS/SMB
- Kerberos
- NTLM
Issue
- After disabling NTLM on the storage and AD Domain multiple SMB shares became inaccessible.
- The LDAP connection to the domain controller from the NetApp system failed, resulting in the following error:
Error: Validate the Ldap configuration procedure failed[0ms] Hostname found in Name Service Cache[1] Entry for host-address: 192.168.216.10 not found in the current source: FILES. Ignoring and trying next available source[1] Source: DNS unavailable. Entry for host-address: 192.168.216.10 not found in any of the available sources[1] Hostname found in Name Service Cache[2] Entry for host-address: 192.168.216.9 not found in the current source: FILES. Ignoring and trying next available source[2] Source: DNS unavailable. Entry for host-address: 192.168.216.9 not found in any of the available sources[2] Resolved LDAP servers: 192.168.216.10, 192.168.216.9. Vserver: -1[3] Failed to initiate Kerberos authentication. Trying NTLM.[5] Unable to connect to LDAP (NIS & Name Mapping) service on (Error: Invalid credentials)[6] Failed to initiate Kerberos authentication. Trying NTLM.[8] Unable to connect to LDAP (NIS & Name Mapping) service on (Error: Invalid credentials)[8] No servers available for LDAP_NIS_AND_NAME_MAPPING, vserver: -1, domain: .**[8] FAILURE: Unable to make a connection (LDAP(NIS & Name Mapping):), Result: RESULT_ERROR_SECD_NO_SERVER_AVAILABLE.