Unable to login as a LDAP user after the ONTAP upgrade

Applies to

• ONTAP 9 and later
• CIFS
• CVO
• Domain Controller

Issue

• Unable to login as a LDAP user after the ONTAP upgrade to  9.13.1P9
• "secd.conn.auth.failure" message right before generating "secd.ldap.noServers:EMERGENCY" message

secd.conn.auth.failure:notice]: Vserver (svm001) could not make a connection over the network to server (ip 10.4.62.140, port 445). Error: Operation timed out ().
secd: secd.lsa.noServers:EMERGENCY]: None of the LSA servers configured for Vserver (svm001) are currently accessible via the network.
 

• EMS logs:

secd: secd.unexpectedFailure:error]: Unexpected SecD failure in Vserver "svm001". Details: Error: Lookup of CIFS account name procedure failed
[31570 ms] TCP connection to ip 10.x.x.x, port 445 failed: Operation timed out.
[ 31571] Unable to connect to LSA service on domainl.com (Error: RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 33573] TCP connection to ip 10.x.x.x, port 445 failed: Operation timed out.
[ 33574] Unable to connect to LSA service on domain.com (Error: RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 35576] TCP connection to ip 10.x.x.x, port 445 failed: Operation timed out.
[ 35577] Unable to connect to LSA service on domain.com (Error:RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
**[ 35577] FAILURE: Unable to make a connection (LSA:MYL.COM), Result: RESULT_ERROR_SECD_NO_CONNECTIONS_AVAILABLE
[ 35578] Could not find Windows name 'Domain\User'
[ 35578] CIFS name lookup failed [ 35578] Retry requested, but the retry window (7000 ms) has expired; giving up.

• Domain discovery mode was set to all