Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a user attempting to access a CIFS share from a different domain. The domain is trusted. And the user authenticates to the domain controllers successfully. But then fails when attempting CIFS authentication on the NetApp. Any guidance would be greatly appreciated.
The error message in the Logs:
Login attempt by domain user "***\***" using NTLMv2 style security [176] Successfully connected to IP *.*.*.*, port 445 using TCP [360] Successfully authenticated with DC ***.*** [2524] FAILURE: Pass-through authentication failed. (Status: 0xC000005E) [2524] CIFS authentication failed [2524] Retry requested, but maximum attempts (3) reached; giving up.
Using AFF300 ontap 9.5p3
CIFS is currently using client session security over LDAP set to "Seal".
Solved! See The Solution
1 ACCEPTED SOLUTION
RajeshPanda has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Shelton,
Error 0xC000005E decodes to STATUS_NO_LOGON_SERVERS.
I would suggest we check few things as stated below :
To check if SVM is connected to DC's.
::> set di -c off ; rows 0
::*>vserver cifs domain discovered-servers show -vserver <svm> -node <node_hosting_data_lif>
To check domain trusts:
::*>vserver cifs domain trust show -vserver <svm>
Check creds for the user :
::*> diag secd authentication show-creds -vserver <svm> -node <node_hosting_data_lif> -win-name <domain\user>
Also a secd log and a packet trace would help to further narrow down the issue.
I would suggest to open a ticket with support and share the logs for further analsysis.
1 REPLY 1
RajeshPanda has accepted the solution
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Shelton,
Error 0xC000005E decodes to STATUS_NO_LOGON_SERVERS.
I would suggest we check few things as stated below :
To check if SVM is connected to DC's.
::> set di -c off ; rows 0
::*>vserver cifs domain discovered-servers show -vserver <svm> -node <node_hosting_data_lif>
To check domain trusts:
::*>vserver cifs domain trust show -vserver <svm>
Check creds for the user :
::*> diag secd authentication show-creds -vserver <svm> -node <node_hosting_data_lif> -win-name <domain\user>
Also a secd log and a packet trace would help to further narrow down the issue.
I would suggest to open a ticket with support and share the logs for further analsysis.
