secd.ldap.noServers error appears approximately every hour

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 5

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

Applies to

ONTAP 9

Issue

secd.ldap.noServers error message appears approximately every hour:

secd.ldap.noServers: None of the LDAP servers configured for Vserver (XXX) are currently accessible via the network for LDAP service type (Service: LDAP (Active Directory), Operation: MapNetbiosDomainToADDomain).

SecD logs show ONTAP cannot access the Microsoft LDAP server during the error window:

00000032.01c9bb01 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.700]  debug:  ldap_sasl_interactive_bind_s returned -2  { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:760 }

00000032.01c9bb02 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.706]  ERR  :  Unable to SASL bind to LDAP server using GSSAPI: Local error { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:764 }

00000032.01c9bb03 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.711]  ERR  :  Additional Error Message: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure.  Minor code may provide more information (Server not found in Kerberos database)  { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:765 }

00000032.01c9bb04 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.718]  ERR  :  RESULT_ERROR_LDAPSERVER_LOCAL_ERROR:7643 in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:767

00000032.01c9bb05 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.723]  ERR  :  ldapSaslBindGssapi: LDAP Error: (-2): 'Local error':

00000032.01c9bb06 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.751]  ERR  :  RESULT_ERROR_LDAPSERVER_LOCAL_ERROR:7643 in ldapSaslBind() at src/connection_manager/secd_connection.cpp:1146

00000032.01c9bb07 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.756]  debug:  AD-LDAP sasl bind failed. Trying again with new password  { in ldapConnectAD() at src/connection_manager/secd_connection.cpp:1293 }

00000032.01c9bb08 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.253.759]  debug:  Attemping a SASL bind as "XXX"  { in ldapSaslBind() at src/connection_manager/secd_connection.cpp:993 }

ONTAP fails to retrieve the PTR (reverse DNS) record for the AD server IP address.

00000032.01c9bac1 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.227.169]  debug:  NSLIBC: _nsdispatch(), ../../../../../../src/lib/libc/net/nsdispatch.c:1027, Vsid = 4 Result returned = 2

00000032.01c9bac2 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.227.178]  info :  Source: DNS unavailable. Entry for host-address:XXX not found in any of the available sources { in SecdCbNsJournal() at src/utils/secd_ns_utils.cpp:94 }

00000032.01c9bac3 06975e8c Wed Sep 24 2025 18:09:02 +09:00 [kern_secd:info:13033] | [000.227.451]  debug:  Found matching cache 'XXX'  { in secd_ccache_resolve() at src/utils/secd_krb_ccache.cpp:1031 }