Vserver fails to join AD due to anti-virus software
Applies to
- ONTAP 9
- CIFS
- NETLOGON
Issue
When a vserver attempts to join AD, the following errors are observed:
- EMS output:
CIFS SMB2 Share mapping - Client Ip = xx.xx.xx.xx
[ 0 ms] Login attempt by domain user 'domain\user' using NTLMv2 style security
[ 0] No servers available for MS_NETLOGON, vserver: 5, domain: domain.
[ 4] Successfully connected to ip xx.xx.xx.xx, port 389 using TCP
[ 12] Hostname found in Name Service Cache
[ 19] Successfully connected to xx.xx.xx.xx, port 445 using TCP
[ 30] Successfully authenticated with DC domain
[ 35] Unable to connect to NetLogon service on domain (Error: RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR)
[ 2037] TCP connection to ip xx.xx.xx.xx , port 445 via interface xx.xx.xx.xx failed: Operation timed out.
[ 2037] Could not open a socket to 'server.domain'
[ 2037] Unable to connect to NetLogon service on server.domain (Error: RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 2037] No servers available for MS_NETLOGON, vserver: 5, domain: domain
**[ 2037] FAILURE: Unable to make a connection (NetLogon:domain), result: 6940
[ 2037] CIFS authentication failed
- SECD output (key on "Connection reset by peer"):
| [000.309.254] <000.000.154> debug: Adding new SMB2 session: serverName = mdc01.ml.ccp.com.tw, Uid = 184959075615105 { in AddNewSmb2SessionToGlobalSessionsMap() at src/FrameWork/ClientInfo.cpp:2293 }
| [000.309.840] <000.000.586> info : Successfully authenticated with DC mdc01.ml.ccp.com.tw { in connectToDomainController() at src/connection_manager/secd_connection.cpp:300 }
| [000.309.850] <000.000.010> debug: Connecting to share \\MDC01\ipc$ { in pclConnectToShare() at src/utils/secd_connection_utils.cpp:77 }
| [000.310.376] <000.000.526> debug: Succeeded; open tid: 1 { in pclConnectToShare() at src/utils/secd_connection_utils.cpp:90 }
| [000.310.391] <000.000.015> debug: No Cached scKey for vs5:MDC01 { in getSecureChannelKey() at src/configuration_manager/secd_configuration_manager.cpp:2318 }
| [000.310.397] <000.000.006> debug: Making a RPC to mgwd to get schannel key table entry { in getScKeyFromSmf() at src/configuration_manager/secd_rpc_config.cpp:112 }
| [000.311.421] <000.001.024> debug: SChannel Key for MDC01 not found { in getSChannelKey() at src/authentication/secd_seclibglue.cpp:509 }
| [000.311.428] <000.000.007> debug: Establishing a new SChannel key for MDC01 { in ensureSChannelKeyEstablished() at src/connection_manager/secd_connection.cpp:363 }
| [000.313.755] <000.002.327> ERR : HandleBytesReturnedFromRecv: Failed to receive data on socket: Connection reset by peer { in DisplayPerror() at src/Support/CustomErrors.cpp:56 }
| [000.313.764] <000.000.009> ERR : RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR:6754 in HandleBytesReturnedFromRecv() at src/FrameWork/Socket.cpp:796
| [000.313.772] <000.000.008> ERR : RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR:6754 in ReceiveDataOnSocket() at src/FrameWork/Socket.cpp:911
| [000.313.833] <000.000.061> debug: Logged secd.conn.auth.failure to EMS { in logEmsEventForServerConnAuthError() at src/utils/secd_ems_utils.cpp:375 }
- Packet trace output: the DC resets the connection after the NetrServerReqChallenge request
165 xx.xx.xx.xx xx.xx.xx.xx RPC_NETLOGON NetrServerReqChallenge request, FILER01
166 xx.xx.xx.xx xx.xx.xx.xx SMB2 Write Response
167 xx.xx.xx.xx xx.xx.xx.xx SMB2 Read Request Len:8192 Off:0 File: NETLOGON
168 xx.xx.xx.xx xx.xx.xx.xx TCP 445 48596 [RST] Seq=1327 Win=0 Len=0
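To check a longer SECD trace for the same signature (a new SChannel key attempt followed almost immediately by "Connection reset by peer"), the following added example, which is not NetApp code, parses SECD lines and reports each match. It assumes the bracketed timestamp is sss.mmm.uuu and uses a hypothetical 50 ms correlation window; the function names are illustrative.

```python
import re

# SECD trace line: "[elapsed] <delta> level: message { in func() at file:line }"
LINE_RE = re.compile(r"\[(\d{3})\.(\d{3})\.(\d{3})\]\s+<[\d.]+>\s+(\w+)\s*:\s+(.*)")
SCHANNEL_RE = re.compile(r"Establishing a new SChannel key for (\S+)")
RESET_TEXT = "Connection reset by peer"


def parse(line):
    """Return (elapsed, level, message), or None if the line is not SECD trace."""
    m = LINE_RE.search(line)  # search() tolerates a leading "| " marker
    if not m:
        return None
    # Assumption: the three groups are sss.mmm.uuu, so this value is microseconds.
    elapsed = int(m.group(1) + m.group(2) + m.group(3))
    return elapsed, m.group(4).upper(), m.group(5)


def find_schannel_resets(lines, window_us=50_000):
    """List (dc, gap_us) where a reset follows an SChannel attempt within window_us."""
    hits, pending = [], None
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        elapsed, level, msg = rec
        started = SCHANNEL_RE.search(msg)
        if started:
            pending = (started.group(1), elapsed)
        elif pending and level == "ERR" and RESET_TEXT in msg:
            dc, t0 = pending
            if elapsed - t0 <= window_us:
                hits.append((dc, elapsed - t0))
            pending = None  # one finding per SChannel attempt
    return hits


# First three lines are taken from the SECD output above; the last line is
# constructed: a reset with no pending SChannel attempt, which is not reported.
SAMPLE = [
    "| [000.311.428] <000.000.007> debug: Establishing a new SChannel key for MDC01 { in ensureSChannelKeyEstablished() at src/connection_manager/secd_connection.cpp:363 }",
    "| [000.313.755] <000.002.327> ERR : HandleBytesReturnedFromRecv: Failed to receive data on socket: Connection reset by peer { in DisplayPerror() at src/Support/CustomErrors.cpp:56 }",
    "| [000.313.764] <000.000.009> ERR : RESULT_ERROR_SPINCLIENT_SOCKET_RECEIVE_ERROR:6754 in HandleBytesReturnedFromRecv() at src/FrameWork/Socket.cpp:796",
    "| [005.000.000] <000.000.010> ERR : HandleBytesReturnedFromRecv: Failed to receive data on socket: Connection reset by peer { in DisplayPerror() at src/Support/CustomErrors.cpp:56 }",
]

if __name__ == "__main__":
    for dc, gap in find_schannel_resets(SAMPLE):
        print(f"{dc}: connection reset {gap} us after SChannel key attempt")
```

A match only shows that the DC side closed the connection during secure channel setup; the packet trace is still needed to confirm which host sent the RST.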