Failed to create the machine account with LDAP Error Local error occurred

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 3,367

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: NAS

Last Updated:

Applies to

ONTAP 9
Active Directory Server
CIFS Server
LDAP Signing or Sealing

Issue

Attempting to create an Active Directory or CIFS server for an SVM fails with the following error:

Error: command failed: Failed to create the Active Directory machine account "SVMAD". Reason: LDAP Error: Local error occurred.

EMS events are also observed from the attempt showing the Domain Controller the issue was encountered with, such as "olddc1" in this example:

[cluster-01: secd: secd.conn.auth.failure:notice]: Vserver (svmad) could not authenticate over the network to server (olddc1). Error: Local error ().

[cluster-01: secd: secd.unexpectedFailure:debug]: vserver (svmad) Unexpected failure. Error: Machine account creation procedure failed

Loaded the preliminary configuration.
Successfully connected to ip 10.100.1.100, port 88 using TCP
Successfully connected to ip 10.100.1.100, port 389 using TCP
Entry for host-address: 10.100.1.100 not found in the current source: FILES. Ignoring and trying next available source Successfully connected to ip 10.100.1.100, port 88 using TCP **
FAILURE: Unable to SASL bind to LDAP server using GSSAPI: Local error
Additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database)
Unable to connect to LDAP (Active Directory) service on olddc1.demo.netapp.com (Error: Local error)
Unable to make a connection (LDAP (Active Directory):DEMO.NETAPP.COM), result: 7643
Retry requested, but the retry window (7000 ms) has expired; giving up.