ONTAP Discussions

After DC Update No CIFS Access (PDC BROKEN)

marshit
1,918 Views

Hello Folks, 

 

I'm running 7-mode NetApp release 8.2.5 - yes, this system is going away and EOL already. But nevertheless I have a Windows 2016 server that was updated last week. It's a VM and we changed to a different VM but used the same name as the previous so DNS didn't needed to be changed. 

 

Now I noticed that none of my CIFS connections works. When I run cifs sessions it's completly empty. I have ran testdc, prefdc, resetdc, stopped and restarted CIFS service and still no luck.

 

When I run cifs domaininfo command it says BROKEN everywhere for Favored and Preferred Addresses. 

 

What can I do next?

 

 

 

14 REPLIES 14

NetApp_SR
1,898 Views

You say its a different VM so some security identifier may have changed try "cifs terminate" and then "cifs setup". Follow the prompts to reconnect.

aladd
1,886 Views

Check to make sure of what SMB version is presently being used and authentication method between storage and the DC.

Mjizzini
1,877 Views

ONTAP is utilizing SMB1 to communicate with the DC(s) and the DC(s) cannot communicate over SMB1

Enable smb2 for DC connection on the filer, or enable smb1 on the DC.

Authentication issues after upgrading domain controller to Server 2016

paul_stejskal
1,822 Views

Did it break right after updates to Windows 2016? If so, which updates were applied?

marshit
1,819 Views

I'm on WIndows 2019 but is wasn't an OS upgrade just now, that was done months agao and has been working fine. 

 

@NetApp_SR I already tried running setup again for CIFS several times and what it did was fix the "domaininfo" to where it doesn't say "BROKEN" anymore but yet I still can't access. 

 

Now I did notice there are no computer objects within AD for for NAS filers, do those need to be manually added again? The DNS entries are still within AD and apppear to be fine.

aladd
1,793 Views

Yes, you will need a machine account on the DC in order to effectively authenticate.

 

CIFS setup should correct the machine account issue, but it sounds like we need more information on the problem.

 

Can you try to authenticate and then get the output to the following command?

 

::>event log show -event *secd*

marshit
1,701 Views

None of these commands are for 7-mode. I also had already re-added the objects to AD.

marshit
1,701 Views

Your command didn't work and that also is not a 7-mode command.

tahmad
1,681 Views

are you able to share the logs requested by aladd

marshit
1,661 Views

@tahmad That command didn't work on 8.2.5 version of 7-mode.

aladd
1,638 Views

Sorry @marshit ,

 

Can you please try to reauthenticate and then collect the output from the following:

 

>rdfile /etc/messages

AlexDawson
1,683 Views

To confirm, is it running 8.2.5P5?

marshit
1,661 Views

@AlexDawson You are correct.

Public