Skip to main content
NetApp Knowledge Base

secd.lsa.noServers due to dns failures

  1. Last updated
  2. Save as PDF
Views:
343
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9

Issue

  •  Users unable to access CIFS/SMB shares
  • EMS:

 secd.lsa.noServers

[NODE-02: secd: secd.dns.server.timed.out:error]: DNS server 192.X.X.X did not respond to vserver = SVM1 within timeout interval. 
[NODE-02: secd: secd.netlogon.noServers:EMERGENCY]: None of the Netlogon servers configured for Vserver (SVM1) are currently accessible via the network. 
[NODE-02: secd: secd.dns.srv.lookup.failed:error]: DNS server failed to look up service (_ldap._tcp.dc._msdcs.domain.com) for vserver (SVM1) with error (Operation timed out). 
[NODE-02: secd: secd.cifsAuth.problem:error]: vserver (SVM1) General CIFS authentication problem. 
Error: Get DC connection latency times procedure failed 
[ 38 ms] Successfully connected to ip 192.X.X.X, port 389 using TCP 
[ 2047] LDAP search for the "dnsHostName" attribute(s) within base "" (scope: 0) using filter "(objectClass=*)" failed with error: Timed out 
[ 7054] Failed to connect to 1192.X.X.X for DNS via Source Address 192.X.X.X: Operation timed out 
**[ 7059] FAILURE: Unable to contact DNS to discover domain controllers. 
[ 7059] Unable to make a connection (NetLogon:DOMAIN.COM), Result: RESULT_ERROR_DNS_CANT_REACH_SERVER
[ 7061] Retry requested, but the retry window (7000 ms) has expired; giving up. 
 

  • Packet trace collected on storage while issue is reported shows there is no response from the DNS server when ONTAP is sending the query. 
  • ONTAP CLI command dns check indicates DNS is not reachable (this may differ per node):

NODE::> dns check -vserver SVM1 
Name Server Vserver Name Server Status Status Details 
------------- --------------- ------------ -------------------------- 
SVM1_CIFS 192.X.X.X down Operation timed out.

  • DC is reachable

NODE-01::> cifs check -vserver SVM1 
Vserver : SVM1
Cifs NetBIOS Name : DOMAIN
Cifs Status : Running 
Site : SITE-NAME 
Node Name DC Server Name DC Server IP Status Status Details 
--------------- -------------- --------------- ------ -------------- 
NODE-01 domain.com 192.X.X.X up Response time (msec): 118 

Note: expected output for a reachable DNS

NODE-02::> cifs check -vserver SVM1 
Vserver : SVM1 
Cifs NetBIOS Name : DOMAIN 
Cifs Status : Running 
Site : 
Node Name DC Server Name DC Server IP Status Status Details 
--------------- -------------- --------------- ------ -------------- 
NODE-02 domain.COM - down Unable to contact DNS 

Note: no entry for Site and error

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.