Data ONTAP Discussions

Cannot add CIFS SVM in AD

Hello,

 

Deployed an Ontap Select instance with the deploy utility, a simple AD/DNS on a Windows 2012 R2 VM, but when I try to create a CIFS SVM, it fails when trying to add it to the domain, with the following error:

 

Data ONTAP API Failed: Failed to create the Active Directory machine account "DATA1CIFS". Reason: SecD Error: no server available Details: Error: Machine account creation procedure failed [ 0 ms] Trying to create machine account 'DATA1CIFS' in 'POC.TEST' for Vserver 'Data1' [ 10] No servers configured for the service: _ldap._tcp.POC.TEST [ 10] No servers found in DNS lookup for _ldap._tcp.POC.TEST. [ 10] No servers available for MS_LDAP_AD, vserver: 2, domain: POC.TEST. [ 10] Cannot find any domain controllers; verify the domain name and the node's DNS configuration **[ 10] FAILURE: Unable to connect to any (0) domain controllers. [ 10] 'NisDomain' configuration not available [ 10] NIS configuration not found for Vserver 2 [ 15] No servers found in DNS lookup for _ldap._tcp.dc._msdcs.POC.TEST. [ 17] No servers configured for the service: _ldap._tcp.POC.TEST [ 18] No servers found in DNS lookup for _ldap._tcp.POC.TEST. [ 21] No servers found in DNS lookup for _kerberos._tcp.POC.TEST. [ 21] No servers available for MS_LDAP_AD, vserver: 2, domain: POC.TEST. . (Error: 13001)

 

DNS is working if I logon to the node, I can ping the AD VM:

 

OnTapPOC::> ping -s WindowsAD1
PING WindowsAD1.poc.test (10.127.196.230): 56 data bytes
64 bytes from 10.127.196.230: icmp_seq=0 ttl=128 time=0.145 ms
64 bytes from 10.127.196.230: icmp_seq=1 ttl=128 time=0.211 ms

 

Any idea?

 

Thanks.

3 REPLIES

Re: Cannot add CIFS SVM in AD

Check the times on all machines...CIFS issues are almost always time related.  It's Kerberos so must be less than 5 minutes.

 

Re: Cannot add CIFS SVM in AD

Hi

 

Refer a similar solved discussion; https://community.netapp.com/t5/Network-Storage-Protocols-Discussions/CIFS-not-joining-AD-domain/m-p/124585#M8544

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: Cannot add CIFS SVM in AD

Hello,

 

I changed the node timezone to CET since the AD is CET and the node was UTC, but this didn't solve the problem. In fact it was my fault,  I was confused by the "Domain" tab, where the row to edit is named

 
Double-click the row to edit the list of preferred domain controllers"

 

 

Since the Controller ip has to be filled in, I had put the dns name of of the DC, not the domain name itself. That's why it failed. Now everything is fine, thanks for your help anyway!

 

Forums