Network Storage Protocols Discussions

vfiler access denied

VinStrg

None of the vfilers are access but controller is access and preferred DC showing None but from AD side nothing changed. getting below error message.

 

"Fri Apr 25 09:30:18 EDT [soho@usnjpfs04: auth.dc.trace.DCConnection.errorMsg:error]: AUTH: Domain Controller error: NetLogon error 0xc0000022: - Filer's security information differs from domain controller \\RES1US70TDC02." 

 

Thu Apr 29 00:27:23 EDT [soho@usnjpfs04: auth.trace.authenticateUser.loginTraceIP:info]: AUTH: Login attempt by user vankudot of domain NSN-INTRA from client machine 10.150.25.32 (N-20L6PF1PM31Q).
Thu Apr 29 00:27:24 EDT [soho@usnjpfs04: auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- attempting authentication with domain controller \\RES1US70TDC02.
Thu Apr 29 00:27:24 EDT [soho@usnjpfs04: auth.dc.trace.DCConnection.errorMsg:error]: AUTH: Domain Controller error: NetLogon error 0xc0000022: - Filer's security information differs from domain controller \\RES1US70TDC02.
Thu Apr 29 00:27:24 EDT [soho@usnjpfs04: auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- Retrying authentication.
Thu Apr 29 00:27:24 EDT [soho@usnjpfs04: auth.dc.trace.DCConnection.statusMsg:info]: AUTH: TraceDC- attempting authentication with domain controller \\RES1US70TDC02.
Thu Apr 29 00:27:24 EDT [soho@usnjpfs04: auth.dc.trace.DCConnection.errorMsg:error]: AUTH: Domain Controller error: NetLogon error 0xc0000022: - Filer's security information differs from domain controller \\RES1US70TDC02.
Thu Apr 29 00:27:24 EDT [soho@usnjpfs04: auth.trace.authenticateUser.loginRejected:info]: AUTH: Login attempt by user rejected by the domain controller with error 0xc0000022: STATUS_ACCESS_DENIED.

 

usnjpfs04*> vfiler status
vfiler0 running
amana running
bah running
bopp running
eclair running
french running
gigabytes running
phoenix running
poptart running
soho running
sunbeam running
usmhvcitrusfile4 running
usmhvmobfile2 running
usnjpfs04*>

 

usnjpfs04*> cifs domaininfo
NetBios Domain: RES1
Windows 2003 Domain Name: res1.lucent.com
Type: Windows 2003
Filer AD Site: tr0lp

Current Connected DCs: \\RES1US70TDC02
Total DC addresses found: 5
Preferred Addresses:
None
Favored Addresses:
135.5.136.66 RES1US70TDC02 PDC
135.5.8.66 PDC
Other Addresses:
135.120.113.195 PDC
139.188.44.213 PDC
138.120.120.24 PDC

Connected AD LDAP Server: \\res1us70tdc02.res1.lucent.com
Preferred Addresses:
None
Favored Addresses:
135.5.136.66
res1us70tdc02.res1.lucent.com
135.5.8.66
res1us70udc02.res1.lucent.com
Other Addresses:
135.120.113.195
res1fr70vdc01.res1.lucent.com
139.188.44.213
res1au00ndc01.res1.lucent.com
138.120.120.24
res1ca01zdc01.res1.lucent.com
usnjpfs04*>

1 REPLY 1

Re: vfiler access denied

Mjizzini

You need to check on each vfiler. 

 

>vfiler run soho cifs domaininfo
>vfiler run * cifs domaininfo

 

Vfiler unable to authenticate due to denied access to CIFS server machine account in Active Directory

Note that you need to specify the vfiler name in your commands. 

2021 NetApp Partner Experience Survey
PES Banner
All Community Forums
Public