ONTAP Discussions
ONTAP Discussions
Hello Folks,
I'm running 7-mode NetApp release 8.2.5 - yes, this system is going away and EOL already. But nevertheless I have a Windows 2016 server that was updated last week. It's a VM and we changed to a different VM but used the same name as the previous so DNS didn't needed to be changed.
Now I noticed that none of my CIFS connections works. When I run cifs sessions it's completly empty. I have ran testdc, prefdc, resetdc, stopped and restarted CIFS service and still no luck.
When I run cifs domaininfo command it says BROKEN everywhere for Favored and Preferred Addresses.
What can I do next?
You say its a different VM so some security identifier may have changed try "cifs terminate" and then "cifs setup". Follow the prompts to reconnect.
Check to make sure of what SMB version is presently being used and authentication method between storage and the DC.
ONTAP is utilizing SMB1 to communicate with the DC(s) and the DC(s) cannot communicate over SMB1
Enable smb2 for DC connection on the filer, or enable smb1 on the DC.
Authentication issues after upgrading domain controller to Server 2016
Did it break right after updates to Windows 2016? If so, which updates were applied?
I'm on WIndows 2019 but is wasn't an OS upgrade just now, that was done months agao and has been working fine.
@NetApp_SR I already tried running setup again for CIFS several times and what it did was fix the "domaininfo" to where it doesn't say "BROKEN" anymore but yet I still can't access.
Now I did notice there are no computer objects within AD for for NAS filers, do those need to be manually added again? The DNS entries are still within AD and apppear to be fine.
Yes, you will need a machine account on the DC in order to effectively authenticate.
CIFS setup should correct the machine account issue, but it sounds like we need more information on the problem.
Can you try to authenticate and then get the output to the following command?
::>event log show -event *secd*
None of these commands are for 7-mode. I also had already re-added the objects to AD.
Your command didn't work and that also is not a 7-mode command.
are you able to share the logs requested by aladd
@tahmad That command didn't work on 8.2.5 version of 7-mode.
Sorry @marshit ,
Can you please try to reauthenticate and then collect the output from the following:
>rdfile /etc/messages
To confirm, is it running 8.2.5P5?
@AlexDawson You are correct.