Skip to main content
NetApp Knowledge Base

CIFS shares unavailable after upgrade to ONTAP 9.12.1P2

Views:
251
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

  • ONTAP 9.12.1P2
  • ONTAP 9.12.1P1
  • CIFS/SMB
  • LDAP

Issue

  • During a simple and SASL bind, ONTAP reaches out to the DNS server to resolve the node name which might lead to an LDAP SASL bind delay or failure. 
  • Errors in EMS log:
[?] Fri Apr 21 07:31:37 +0300 [node_01: secd: secd.dns.server.timed.out:error]: DNS server 10.10.XX.XX did not respond to vserver = vserver_1 within timeout interval.
[?] Fri Apr 21 07:31:41 +0300 [node_01: secd: secd.ldap.sasl.bind.delayed:error]: LDAP SASL bind taking longer time on server "10.110.10.41" for Vserver "vserver_1".
[?] Fri Apr 21 07:31:48 +0300 [node_01: secd: secd.ldap.sasl.bind.delayed:error]: LDAP SASL bind taking longer time on server "10.110.10.42" for Vserver "vserver_1".
[?] Fri Apr 21 07:31:55 +0300 [node_01: secd: secd.ldap.sasl.bind.delayed:error]: LDAP SASL bind taking longer time on server "10.110.10.43" for Vserver "vserver_1".
[?] Fri Apr 21 07:31:55 +0300 [node_01: secd: secd.ldap.noServers:EMERGENCY]: None of the LDAP servers configured for Vserver (vserver_1) are currently accessible via the network for LDAP service type (Service: LDAP (Active Directory), Operation: ADgetClaimName).
  • SECD logs shows ONTAP doing queries to DNS domain.corp.microsoft.com and failing since there was no DNS record in DNS server:
ERR  :  LDAP SASL bind taking long time(6 secs)  { in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:653 }
debug:  Vserver's operational state: running  { in isVserverRunning() at src/configuration_manager/secd_configuration_manager.cpp:2807 }
debug:  Logged secd.ldap.sasl.bind.delayed to EMS  { in logEmsEventForLdapError() at src/utils/secd_ems_utils.cpp:534 }
ERR  :  RESULT_ERROR_LDAPSERVER_SASL_BIND_TIMEOUT:7660 in ldapSaslBindGssapi() at src/connection_manager/secd_connection.cpp:661
ERR  :  RESULT_ERROR_LDAPSERVER_SASL_BIND_TIMEOUT:7660 in ldapSaslBind() at src/connection_manager/secd_connection.cpp:1129
ERR  :  RESULT_ERROR_LDAPSERVER_SASL_BIND_TIMEOUT:7660 in ldapConnectAD() at src/connection_manager/secd_connection.cpp:1255
ERR  :  RESULT_ERROR_LDAPSERVER_SASL_BIND_TIMEOUT:7660 in connect() at src/connection_manager/secd_connection.cpp:2517
info :  Unable to start LDAPS: (null) { in connect() at src/connection_manager/secd_connection.cpp:2647 }
debug:  LDAP TLS Alert generated is 'warning:close notify'
info :  Unable to connect to LDAP (Active Directory) service on domain.corp.microsoft.com { in addFailedConnectionJournal() at src/connection_manager/secd_connection_manager.cpp:553 }
ERR  :  RESULT_ERROR_LDAPSERVER_SASL_BIND_TIMEOUT:7660 in makeConnectionAttempt() at src/connection_manager/secd_connection_manager.cpp:1033

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.