User is not authenticated, even when user mapping is set to new AD
Applies to
- ONTAP 9
- NAS
- Domain\Forest trust
Issue
AD account have been moved to another AD (trust over the forest), but user is not authenticated even when user mapping is set to new AD
cluster::> vserver name-mapping show -pattern *user1*
Vserver : vserver1
Direction: win-unix
Position Hostname IP Address/Mask
-------- ---------------- ----------------
1698 - - Pattern : new-ad\\user1
Replacement: user1
Vserver : vserver1
Direction: unix-win
Position Hostname IP Address/Mask
-------- ---------------- ----------------
1698 - - Pattern : user1
Replacement: new-ad\\user102/21/2022 10:38:19 node1 ERROR secd.nfsAuth.noCifsCred: vserver (vserver1) NFS authorization cannot retrieve CIFS credentials. Error: Get user credentials procedure failed
[ 1] Determined UNIX id 123456 is UNIX user 'user1'
[ 7] UNIX user 'user1' mapped to Windows user 'NEW.AD\user1'
[ 7] Using cached 'new.ad\user1' SID mapping.
[ 7] Using a cached connection to DC.OLD.AD
**[ 9] FAILURE: Cannot determine AD domain name for 'NEW.AD'
[ 9] Could not get credentials for Windows user 'user1' or SID 'S-x-x-x-xxxxxxxxxx-xxxxxxxxxx-xxxxxxxxxx-654321'