Network and Storage Protocols

Access a CIFS Share from a different domain, failed

Shelton
11,421 Views

I have a user attempting to access a CIFS share from a different domain. The domain is trusted. And the user authenticates to the domain controllers successfully. But then fails when attempting CIFS authentication on the NetApp. Any guidance would be greatly appreciated.

 

The error message in the Logs:

Login attempt by domain user "***\***" using NTLMv2 style security [176] Successfully connected to IP *.*.*.*, port 445 using TCP [360] Successfully authenticated with DC ***.*** [2524] FAILURE: Pass-through authentication failed. (Status: 0xC000005E) [2524] CIFS authentication failed [2524] Retry requested, but maximum attempts (3) reached; giving up.

 

Using AFF300 ontap 9.5p3

CIFS is currently using client session security over LDAP set to "Seal". 

1 ACCEPTED SOLUTION

Vijay_ramamurthy
11,345 Views

Hi Shelton,

Error 0xC000005E  decodes to  STATUS_NO_LOGON_SERVERS.

I would suggest we check few things as stated below :


To check if SVM is connected to DC's.

::> set di -c off ; rows 0 

::*>vserver cifs domain discovered-servers show -vserver <svm> -node <node_hosting_data_lif>

 

To check domain trusts:
::*>vserver cifs domain trust show -vserver <svm>

 

Check creds for the user :
::*> diag secd authentication show-creds -vserver <svm> -node <node_hosting_data_lif> -win-name <domain\user>

 

Also a secd log and a packet trace would help to further narrow down the issue.

I would suggest to open a ticket with support and share the logs for further analsysis.  

View solution in original post

1 REPLY 1

Vijay_ramamurthy
11,346 Views

Hi Shelton,

Error 0xC000005E  decodes to  STATUS_NO_LOGON_SERVERS.

I would suggest we check few things as stated below :


To check if SVM is connected to DC's.

::> set di -c off ; rows 0 

::*>vserver cifs domain discovered-servers show -vserver <svm> -node <node_hosting_data_lif>

 

To check domain trusts:
::*>vserver cifs domain trust show -vserver <svm>

 

Check creds for the user :
::*> diag secd authentication show-creds -vserver <svm> -node <node_hosting_data_lif> -win-name <domain\user>

 

Also a secd log and a packet trace would help to further narrow down the issue.

I would suggest to open a ticket with support and share the logs for further analsysis.  

Public