I encountered similar issues when trying to register the CIFS against the Domain Controllers that has multiple network interfaces (and IP's in different subnets).
After some troubleshooting, I came up with the following solution:
If the AD has multiple network interfaces (and subnets), the vServer CIFS fails to register against it, it starts complaining about ldap unreachable.
What I did to solve this:
- change the GPO (default domain policy) to disable ldapsigning required
- disable all network interfaces on the domain controllers except the one used by CIFS.
- reboot domain controllers.
This way, it will register correctly. Afterwards you can enable all nics again.
But still this is not how it should be, I now get messages in the log complaining about a failure to reach the AD but the clients still seem to access the CIFS shares.
So next step is to add prefered DC's, this seems to help keeping the connection to the DC's reachable. but still gives me unreachable on those IP's:
Vserver Domain Name Preferred Domain Controllers
-------------- ----------------------------- ----------------------------------
vs_hllc HLMWEB.LOCAL 172.25.8.23, 172.25.8.24
and the discovered servers:
Domain Name Type Preference DC-Name DC-Address Status
--------------- -------- ---------- --------------- --------------- ---------
hlmweb.local MS-LDAP preferred hllc023 10.0.0.23 OK
hlmweb.local MS-LDAP adequate hllc024 10.0.0.24 undetermined
hlmweb.local MS-DC adequate hllc023 172.25.8.23 unreachable
hlmweb.local MS-DC adequate hllc024 172.25.8.24 unreachable
4 entries were displayed.
The AD/DNS is pingable and reachable on the 172.25.8 network, not on the 10.0.0 network so it's very strange that it says 10.0.0.23 is OK!
Someone else also encountering similar issues?