2010-01-05 03:30 AM
I have a FAS3140 and am trying to register it with an MS2003 AD domain. The filer has NTP set up to sync with the AD controller, so the time is the same. When I run cifs setup, when you get to register the domain controllers, by entering the domain admin user/password it says “Could not authenticate with the domain controller. KDC policy rejects request”. The customer is not using RSA Secure ID, but is using Vasco Vacman Middleware, which does the same thing as the RSA Secure ID. This cant be removed from the DC.
There is a solution ID KB11166 which describes this error but using RSA Secure ID. We have also tried using cifs prefdc and pointing it at another domain controller and we get the same error. There are no errors in the Windows event log on the DC.
Anyone have any ideas ?
Solved! SEE THE SOLUTION
2010-01-05 05:54 AM
At first, check twice your timezones into AD domain and filer.
Pay attention: TZ:GMT+1 and, for example, TZ:Europe/Berlin is the same in times, but different for AD controller.
You need to set _same_ timezones for AD and filer, not only NTP sync.
2010-01-05 06:20 AM
The DC was set to GMT and the filer was set to Europe/London. So I changed the filer to GMT and rerun cifs setup and it completed with no errors.
That is very strange !!