I'm trying to create an active-directory account to be able to authenticate to a cluster with an ad account. As I have no cifs svm in the cluster I use a data svm with a mgmt lif on e0M for authentication as described in the system admin guide. The create fails. However, I can't see why as DNS, firewall and credentials of my userid should be ok. Hope somebody can help on this. I attach the secd.log. From what I can see it finds all necessary DCs in the environment but in the end fails to create the machine account.
Q100BPCC002::> vserver active-directory create -vserver q100bpcv002_cp01 -account-name q100bpcc002 -domain v998dpv1.v998.intern -ou OU=Fileserver,OU=Server,OU=VRZ
In order to create an Active Directory machine account, you must supply the name and password of a Windows account with sufficient privileges to add computers to the "OU=Fileserver,OU=Server,OU=VRZ"
container within the "V998DPV1.V998.INTERN" domain.
Enter the user name: j255030
Enter the password:
Warning: An account by this name already exists in Active Directory at CN=q100bpcc002,OU=Fileserver,OU=Server,OU=VRZ,DC=v998dpv1,DC=v998,DC=intern
Ok to reuse this account? {y|n}: y
Error: Machine account creation procedure failed
...
[ 1090] Successfully connected to 17.243.129.17:88 using TCP
[ 1151] Unable to connect to LSA service on
v998spwdv12124s.v998dpv1.v998.intern (Error:
RESULT_ERROR_SPINCLIENT_SOCKET_SEND_ERROR)
[ 1160] Successfully connected to 7.242.192.141:445 using TCP
[ 1173] Successfully connected to 17.243.129.17:88 using TCP
[ 1234] Unable to connect to LSA service on
v998spwdv12125s.v998dpv1.v998.intern (Error:
RESULT_ERROR_SPINCLIENT_SOCKET_SEND_ERROR)
[ 3235] TCP connection to 12.243.129.17:445 via interface
17.249.26.72 failed: (Operation timed out).
[ 3235] Could not open a socket to
'v998spwdv12121b.v998dpv1.v998.intern'
[ 3235] Unable to connect to LSA service on
v998spwdv12121b.v998dpv1.v998.intern (Error:
RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 5236] TCP connection to 12.243.129.22:445 via interface
17.249.26.72 failed: (Operation timed out).
[ 5236] Could not open a socket to
'v998spwdv12126b.v998dpv1.v998.intern'
[ 5236] Unable to connect to LSA service on
v998spwdv12126b.v998dpv1.v998.intern (Error:
RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 7237] TCP connection to 12.243.129.19:445 via interface
17.249.26.72 failed: (Operation timed out).
[ 7237] Could not open a socket to
'v998spwdv12123b.v998dpv1.v998.intern'
[ 7237] Unable to connect to LSA service on
v998spwdv12123b.v998dpv1.v998.intern (Error:
RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 7238] No servers available for MS_LSA, vserver: 5, domain:
v998dpv1.v998.intern.
**[ 7238] FAILURE: Unable to make a connection
** (LSA:V998DPV1.V998.INTERN), result: 6940
[ 7238] Could not find Windows SID
'S-1-5-21-1374259203-670540105-1957837697-512'
[ 7239] Uncaptured failure while creating server account
Error: command failed: Failed to create the Active Directory machine account "Q100BPCC002". Reason: SecD Error: no server available.