Network and Storage Protocols

CIFS Setup fails with errno=13114 reason="Unknown error. Check your input and try again."

skellner
6,342 Views

I try to do a cifs setup and don't get it working. In Zexplore this looks like this:

 

<netapp xmlns="http://www.netapp.com/filer/admin" vfiler="v998spnvv1888gl" version="1.14">

  <cifs-setup>

    <server-name>v998spnvv1888gl</server-name>

    <domain-name>v998dpv1.v998.intern</domain-name>

    <login-user>q100334</login-user>

    <login-password>password</login-password>

    <auth-type>ad</auth-type>

    <security-style>multiprotocol</security-style>

    <ou-name>OU=Fileserver,OU=Server,OU=VRZ,DC=v998dpv1,DC=v998,DC=intern</ou-name>

  </cifs-setup>

</netapp>

 

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE netapp SYSTEM "/na_admin/netapp_filer.dtd">

 

<netapp version="1.1">

  <results status="failed" errno="13114" reason="Unknown error. Check your input and try again."/>

</netapp>

 

I could narrow it down to the following. It fails when I setup cifs for a new vfiler the first time. When you do the cifs setup on the cli the difference is that the cifs setup asks you which ou you want to use. On the cli I can specify the ou like this "OU=Fileserver, OU=Server, OU=VRZ" and it works. With the command above it does not. Now I terminate cifs and issue the api call again. Then it works because the ou is already known.

In the docs it says "This value must be one of the cifs-setup-ous retrieved from a call to the cifs-setup-container-list-iter APIs"

So I tried to use this api first. However, with that I get the error that it's not possible to retrieve the list of ous.

I already tried several ways to specify the ou but no way. I always get errno=13114. I don't think that it is the domain account as it is working in the cli with the same account. The OU structure is attached as a screenshot.

I don't have any more ideas. Hopefully somebody can help me. Thanks in advance.

 

Stefan

5 REPLIES 5

amirm
6,342 Views

Hi Stefan,

What result do you get if you specify the domain admin username/password while executing the api "cifs-setup-container-list-iter" ?

Regards,

-Amir

skellner
6,342 Views

Hi Amir,

<?xml version="1.0" encoding="UTF-8"?>

<netapp xmlns="http://www.netapp.com/filer/admin" version="1.14">

  <cifs-setup-ou-list-iter-start>

    <domain-name>v998dpv1.v998.intern</domain-name>

    <login-user>q100334</login-user>

    <login-password>PjuTbb9tMo8e</login-password>

  </cifs-setup-ou-list-iter-start>

</netapp>

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE netapp SYSTEM "/na_admin/netapp_filer.dtd">

<netapp version="1.1">

  <results status="failed" errno="13256" reason="Unable to retrieve the list of joinable OUs from Active Directory.">

    <tag>21024591359011548</tag>

    <records>0</records>

  </results>

</netapp>

The cifs setup in the cli looks like this. I recognized that the same error is issued there as well. However, I can specify the ou in the cli. In the api the same ou spec doesn't work.

G100BPMC002> vfiler run v998spnvv1888gl cifs setup

===== v998spnvv1888gl

This process will enable CIFS access to the filer from a Windows(R) system.

Use "?" for help at any prompt and Ctrl-C to exit without committing changes.

        Your filer does not have WINS configured and is visible only to

        clients on the same subnet.

Do you want to make the system visible via WINS? [n]:

        A filer can be configured for multiprotocol access, or as an NTFS-only

        filer. Since multiple protocols are currently licensed on this filer,

        we recommend that you configure this filer as a multiprotocol filer

(1) Multiprotocol filer

(2) NTFS-only filer

Selection (1-2)? [1]:

        The default name for this CIFS server is 'V998SPNVV1888GL'.

Would you like to change this name? [n]:

        Data ONTAP CIFS services support four styles of user authentication.

        Choose the one from the list below that best suits your situation.

(1) Active Directory domain authentication (Active Directory domains only)

(2) Windows NT 4 domain authentication (Windows NT or Active Directory domains)

(3) Windows Workgroup authentication using the filer's local user accounts

(4) /etc/passwd and/or NIS/LDAP authentication

Selection (1-4)? [1]:

What is the name of the Active Directory domain? [v998dpv1.v998.intern]:

        In order to create an Active Directory machine account for the filer,

        you must supply the name and password of a Windows account with

        sufficient privileges to add computers to the V998DPV1.V998.INTERN

        domain.

Enter the name of the Windows user [Administrator@V998DPV1.V998.INTERN]: q100334

Password for q100334:

CIFS - Logged in as q100334@V998DPV1.V998.INTERN.

        Setup was unable to retrieve a list of joinable containers

        (organizational units) from Active Directory, therefore a list of

        selectable options cannot be provided. Please enter the distinguished

        name of the container that you would like the filer to join below.

        There is no need to add the domain name portion,

        'DC=v998dpv1,DC=v998,DC=intern', of the distinguished name.

Enter the name of the organizational unit [CN=Computers]: OU=Fileserver, OU=Server, OU=VRZ

CIFS - Starting SMB protocol...

Welcome to the V998DPV1.V998.INTERN (V998DPV1) Active Directory(R) domain.

amirm
6,342 Views

One more thing to try, instead of giving complete FQDN <domain-name>v998dpv1.v998.intern</domain-name> try with just the domain name "v998dpv1"  as input to "cifs-setup-ou-list-iter-start" API.

That's how I ususally do.

Secondly for the API cifs-setup instead of this:

<ou-name>OU=Fileserver,OU=Server,OU=VRZ,DC=v998dpv1,DC=v998,DC=intern</ou-name>

try following without DC:

<ou-name>Fileserver</ou-name>

<ou-name>Server</ou-name>

<ou-name>Server</ou-name>

<ou-name>VRZ</ou-name>


Regards,

-Amir

skellner
6,342 Views

v998dpv1 doesn't work with error "can't connect to domain".

The ou structure you suggested was one of my tries too.  What I tried already is

<ou-name>Fileserver</ou-name>

<ou-name>Fileserver</ou-name>

<ou-name>Server</ou-name>

<ou-name>VRZ</ou-name>

and

<ou-name>OU=Fileserver,OU=Server,OU=VRZ</ou-name>

Regards

Stefan



amirm
6,342 Views

Hmm..what about

<ou-name>CN=Computers,OU=Fileserver,OU=Server,OU=VRZ,DC=v998dpv1,DC=v998,DC=intern</ou-name>

if not already tried..

Regards,

-Amir

Public