How to determine if one defective DNS server is impacting authentication process in ONTAP?
Applies to
- ONTAP 9
- NAS
Answer
- Security Daemon (SecD) is the process responsible for authentication.
- SecD logs cover any issues connecting to name-services like DNS
example
Fri Jun 09 2023 00:17:27 +02:00 [kern_secd:info:16132] | [002.012.410] info : Failed to connect to 10.1.2.3 for DNS via Source Address XXX.XXX.XXX.XXX: Operation timed out { in SecdCbNsJournal() at src/utils/secd_ns_utils.cpp:96 }
Fri Jun 09 2023 00:17:27 +02:00 [kern_secd:info:16132] | [002.012.422] ERR : NSLIBC: __res_nsend(), ../../../../../../src/lib/libc/resolv/res_send.c:812, Vsid = 1 Timed out while connecting to DNS server: 10.1.2.3 via Source Address XXX.XXX.XXX.XXX. Error: Operation timed out
Fri Jun 09 2023 00:17:27 +02:00 [kern_secd:info:16132] | [002.014.048] debug: Vserver's operational state: running { in isVserverRunning() at src/configuration_manager/secd_configuration_manager.cpp:2807 }
Fri Jun 09 2023 00:17:27 +02:00 [kern_secd:info:16132] | [002.014.067] debug: Logged secd.dns.server.timed.out to EMS. { in logEmsEventForDnsError() at src/utils/secd_ems_utils.cpp:1009 }
Fri Jun 09 2023 00:17:27 +02:00 [kern_secd:info:16132] | [002.024.928] debug: NSLIBC: __res_nsend(), ../../../../../../src/lib/libc/resolv/res_send.c:842, Vsid = 1 Connected to 10.1.2.5 for DNS
Fri Jun 09 2023 00:17:27 +02:00 [kern_secd:info:16132] | [002.024.946] debug: NSLIBC: log_rcode_and_update_stats(), ../../../../../../src/lib/libc/resolv/res_send.c:488, Vsid = 1 Rcode received from the DNS server(10.1.2.5): 0 when querying _kerberos._udp.domain.com