Skip to main content
NetApp Knowledge Base

Unable to modify permissions from security tab on CIFS shares due to unreachable DNS

  1. Last updated
  2. Save as PDF
Views:
440
Visibility:
Public
Votes:
0
Category:
fas-systems
Specialty:
nas
Last Updated:

Applies to

  • Ontap 9
  • CIFS
  • DNS

Issue

  • Unable to modify permissions on CIFS share from security tab on Windows Explorer, below error message is received.

The program cannot open the required dialog box because it cannot determine whether the computer named “cifs-server” is joined to a domain. Close this message, and try again.

permissions_security .png

  • dns check for vserver showed that the servers are down and operation timed out.

cluster::*> dns check -vserver vs_name
                      Name Server
Vserver  Name Server  Status       Status Details
-------- ------------ ------------ ----------------------------
Vs_name  10.2.x.y     down          Operation timed out.
Vs_name  10.2.x.z     down          Operation timed out.
2 entried were displayed.

  • No preferred DCs are added.
  • access-check for windows user failed to fetch details with error "Unable to contact DNS"

cluster::*> vserver services access-check authentication show-creds -vserver vs_name -win-name domain\username -node node1
Vserver : vs_name (internal ID: x)
Error: Get user credentials procedure failed
  [ 0 ms] Using cached S-1-x-21-xxxxx-xxx-xxx-xxx
          x to 'domain\username' mapping
  [ x00x] Failed to connect to 10.2.x.y for DNS via Source Address
          10.2.x.yy: Operation timed out
  [ x00x] Failed to connect to 10.2.x.z for DNS via Source Address
          10.2.x.yy: Operation timed out
**[ x00x] FAILURE: Unable to contact DNS to discover domain
**        controllers.
   [x00x] Unable to make a connection (LDAP (Active
          Directory):domain), result: 6812
   [x00x] Could not get credentials for windows user 'username'
          or SID 'S-1-x-21-xxxxx-xxx-xxx-xxx'
Error: command failed: Failed to get user credentials. Reason: "Unable to contact DNS"

  • Below errors are seen in event log show related to dns server timed out.

9/21/2023 13:27:32  node-01    ERROR         secd.dns.server.timed.out: DNS server 10.2.x.y did not respond to vserver = vs_name within timeout interval.
9/21/2023 13:26:01  node-01    ERROR         secd.dns.server.timed.out: DNS server 10.2.x.z did not respond to vserver = vs_name within timeout interval.
9/21/2023 13:25:37  node-01    ERROR         secd.cifsAuth.problem: vserver (vs_name) General CIFS authentication problem. Error: User authentication procedure failed
9/21/2023 13:25:02  node-01    ERROR         secd.dns.srv.lookup.failed: DNS server failed to look up service (_ldap._tcp.domain.com) for vserver (vs_name) with error (Operation timed out).

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.