Network and Storage Protocols
I have a test lab with the ONTAP simulator at version 9.13.1, and Microsoft published Windows Server 2025 last month, so I want to test ONTAP with the new OS.
1. Windows Server 2025 is installed and the Active Directory service is installed.
2. During the cifs create procedure, it shows an error: Machine account creation procedure failed.
3. From the Wireshark capture, it shows kpasswd replied with an error.
The user account in this KB used to add a computer account is using an incorrect password:
Machine Account Creation Procedure Failed - KRB5KDC_ERR_PREAUTH_FAILED - NetApp Knowledge Base
Or the user credentials are incorrect:
Machine account creation procedure failed with KRB5_REALM_UNKNOWN error - NetApp Knowledge Base
If you check the Interoperability Matrix for CIFS, Windows 2025 Server is not yet listed, so the validation has not been executed yet.
The error is pointing to a duplicate/reused account on the Domain Controller for the SVM.
Please retry, posting the full secd log for the cifs create call, to understand the reason for the failure.
Thanks for your reply. I don't know how to collect the full secd log; below are the logs I collected.
ontap_913::*> event log show -node ontap_913-01 -event secd*
Time Node Severity Event
------------------- ---------------- ------------- ---------------------------
12/5/2024 01:34:17 ontap_913-01 ERROR secd.unexpectedFailure: Unexpected SecD failure in Vserver "svm_s3". Details: Error: Machine account creation procedure failed
[ 8142] Loaded the preliminary configuration.
[ 8216] Created a machine account in the domain
[ 8219] SID to name translations of Domain Users and Admins completed successfully
[ 8220] Successfully connected to ip 8.47.176.15, port 88 using TCP
[ 8223] Successfully connected to ip 8.47.176.15, port 464 using TCP
**[ 8298] FAILURE: Kerberos password set for 'NETAPP2$@WIN2025AD.COM' failed with Message stream modified (KRB5KRB_AP_ERR_MODIFIED)
[ 8313] Deleted existing account 'CN=NETAPP2,CN=Computers,DC=win2025ad,DC=com'
[ 8313] Retry requested, but the retry window (7000 ms) has expired; giving up.
12/5/2024 01:34:08 ontap_913-01 NOTICE secd.conn.auth.failure: Vserver (svm_s3) could not make a connection over the network to server (ip 8.46.176.15, port 389). Error: Network is unreachable (Operation: AnonymousBind).
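As an added example (not part of the original posts and not NetApp tooling), this Python script reads the secd trace posted above and ties the first FAILURE step to the last endpoint contacted before it, which here is port 464, the Kerberos password-change service. The port-to-service map and the reading of the bracketed number as an elapsed-time offset are assumptions.

```python
import re

# Trace lines copied from the secd event in the post above.
SAMPLE = """\
[ 8142] Loaded the preliminary configuration.
[ 8216] Created a machine account in the domain
[ 8220] Successfully connected to ip 8.47.176.15, port 88 using TCP
[ 8223] Successfully connected to ip 8.47.176.15, port 464 using TCP
**[ 8298] FAILURE: Kerberos password set for 'NETAPP2$@WIN2025AD.COM' failed with Message stream modified (KRB5KRB_AP_ERR_MODIFIED)
[ 8313] Deleted existing account 'CN=NETAPP2,CN=Computers,DC=win2025ad,DC=com'
[ 8313] Retry requested, but the retry window (7000 ms) has expired; giving up.
"""

# Standard port assignments: 88 Kerberos KDC, 389 LDAP, 464 kpasswd.
SERVICES = {88: "kerberos-kdc", 389: "ldap", 464: "kpasswd"}

STEP = re.compile(r"^(\*\*)?\[\s*(\d+)\]\s+(.*)$")
CONNECT = re.compile(r"connected to ip ([\d.]+), port (\d+)")
KRB_CODE = re.compile(r"\((KRB5\w+)\)")
PRINCIPAL = re.compile(r"for '([^']+)'")


def analyze(trace):
    """Return details of the first FAILURE step, or None if the trace has none."""
    last_conn = None  # (ip, port, offset) of the most recent successful connect
    for line in trace.splitlines():
        m = STEP.match(line.strip())
        if not m:
            continue  # table headers, wrapped text
        flagged, offset, text = m.group(1), int(m.group(2)), m.group(3)
        c = CONNECT.search(text)
        if c:
            last_conn = (c.group(1), int(c.group(2)), offset)
        if flagged and text.startswith("FAILURE"):
            ip, port, t0 = last_conn or (None, None, offset)
            code = KRB_CODE.search(text)
            who = PRINCIPAL.search(text)
            return {
                "principal": who.group(1) if who else None,
                "code": code.group(1) if code else None,
                "server": ip,
                "port": port,
                "service": SERVICES.get(port, "unknown"),
                # Bracketed number assumed to be an elapsed-time offset.
                "since_connect": offset - t0,
            }
    return None


if __name__ == "__main__":
    print(analyze(SAMPLE))
```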
It seems there is a problem on the Microsoft side with kpasswd (the Kerberos password change service), and it is being investigated by Microsoft at the moment.