Skip to main content
NetApp Knowledge Base

Witness protocol connection fails if the client does not use NTLMv2

  1. Last updated
  2. Save as PDF
Views:
1,036
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
nas
Last Updated:

Applies to

ONTAP 9 

Issue

  • When configuring a Continuously Available (CA) share to be used in Hyper-V deployment, the witness protocol fails and Windows generates the following event log entry:

Witness Client failed to find a Witness Server for NetName \ccp1filer with error (A remote procedure call (RPC) protocol error occurred.). Retrying in (15) seconds

  • While connecting to a CA share from a Windows Server 2012 R2 client, the user can map the share successfully and create / view files; however, the SMB 3.0 Witness Protocol fails.

Windows SMBWitnessClient Event Log:
Log Name:      WitnessClientAdmin
Source:        Microsoft-Windows-SMBWitnessClient
Date:          12/25/2016 8:18:41 PM
Event ID:      6
Task Category: None
Level: Critical
Keywords:     
User:          NETWORK SERVICE
Computer:   c1slic01.ccp1.gene.com
Description:
Witness Client failed to find a Witness Server for NetName \ccp1filer with error (A remote procedure call (RPC) protocol error occurred.). Retrying in (15) seconds.

  • secd log:
[kern_secd:info:4681] .------------------------------------------------------------------------------.
[kern_secd:info:4681] |                                 RPC FAILURE:                                 |
[kern_secd:info:4681] |                        secd_rpc_auth_msrpc has failed                        |
[kern_secd:info:4681] |                     Result = 0, RPC Result = 2147483651                      |
[kern_secd:info:4681] |                   RPC received at Sat Jan  7 17:12:51 2017                   |
[kern_secd:info:4681] |------------------------------------------------------------------------------'
[kern_secd:info:4681] Failure Summary:
[kern_secd:info:4681] Error: MsRPC authentication procedure failed
[kern_secd:info:4681]   [  0 ms] Login attempt by domain user 'CCP1\C1SLIC01$' using NTLMv1 style security
[kern_secd:info:4681]   [     0] Successfully connected to 10.34.62.1:445 using TCP
[kern_secd:info:4681]   [    10] Successfully authenticated with DC ccp1sdc01.ccp1.gene.com
[kern_secd:info:4681]   [    12] User authenticated as a domain user
[kern_secd:info:4681] **[    12] FAILURE: Error case not correctly journaled
  • In packet trace capturing the Witness Protocol handshake, the absence of NTLMv2 is noted during client NTLMSSP_AUTH:


Clustered Data ONTAP 8

  • Response from SVM

Clustered Data ONTAP 8

  • By comparison, successful Witness Protocol handshake, NTLMv2 presents itself as follows:


Clustered Data ONTAP 8

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.