Data ONTAP Discussions

DNS server is returning ldap errors

Hi All,

 

I'm getting strange errors from DNS server

 

NTAP-clstr::> event log show -message-name secd.*
Time Node Severity Event
------------------- ---------------- ------------- ---------------------------
12/12/2019 08:55:23 nodeA ERROR secd.dns.server.timed.out: DNS server 64.181.180.21 did not respond to vserver = PRDCORP within timeout interval.
12/12/2019 08:55:21 nodeA EMERGENCY secd.ldap.noServers: None of the LDAP servers configured for Vserver (PRDCORP) are currently accessible via the network.
12/12/2019 08:24:01 nodeC ERROR secd.dns.server.timed.out: DNS server 64.181.180.21 did not respond to vserver = PRDCORP within timeout interval.
12/12/2019 08:23:59 nodeC EMERGENCY secd.ldap.noServers: None of the LDAP servers configured for Vserver (PRDSCORP) are currently accessible via the network.

 

 

Upon checking i found the ip address 64.181.180.21 corresponds to one of NTP servers configured on cluster.

 

NTAP-clstr::> ntp server show
(cluster time-service ntp server show)
Server Version
------------------------------ -------
xx.xxx.xx.xxx auto
xxx.xxx.xx.xxx auto
64.181.180.21 auto

 

Can removing the server from ntp confirguration would stop these alert ?

Or Am i looking at wrong place?How to stop these alert from triggering?

 

Looking for some expert advice!!

 

3 REPLIES 3

Re: DNS server is returning ldap errors

I do not think removing the NTP configuration will solve your problem. The errors mean that ONTAP is having trouble contacting the LDAP server configured for the PRDCORP vserver. Here is a useful KB that will walk through some troubleshooting steps that can help narrow down the issue:

 

https://kb.netapp.com/app/answers/answer_view/a_id/1029829/~/how-to-troubleshoot-ldap-issues-in-clustered-data-ontap-

 

Re: DNS server is returning ldap errors

You should also check if you have a time difference between your cluster and your AD greater than 5 Minutes. If your Cluster time is more than 5 minutes behind your AD time the Kerberos ticket is expired.

Re: DNS server is returning ldap errors

Hi Donny , I checked the article earlier but as per pt.1 I verfied the the ladp is not being used as name service. As its not configured  as a source in the nsswitch configuration.

 

Hi Andre, Yea i checked that my Netapp cluster is configured with MST timezone while AD server lives in CST. And also one more strange thing i noticed on Cluster. Today logged in System Manger GUI under settings i went to Data and Time option but its not loading and screen showing "Loading information" from past 2hrs.

 

Forums