Seeing a lot of these errors in recent days. We had a complete shutdown for a few hours a couple of weeks ago for some maintenance. Only errors one of our 3 Win domain controllers. 1065 errors logged over the past 5 or 6 days. I don't notice any issues from this otherwise.
Severity: ERROR Source: secd Message Name: secd.conn.auth.failure Event: secd.conn.auth.failure: Vserver (vserver1) could not authenticate over the network to server (DC01). Error: Invalid credentials. Corrective Action: Ensure that the server being accessed is up and responding to requests. Ensure that there are no networking issues stopping the Vserver from communicating with this server. If the error reported is related to an authentication attempt, ensure that any related configurable user credentials are set correctly. Description: This message occurs when the Vserver cannot establish a TCP/UDP connection to or be authenticated by an outside server such as NIS, LSA, LDAP and KDC. Subsequently, some features of the storage system relying on this connection might not function correctly.
Thank you Matt for all of this information. Unfortunately, all of those commands work as expected.
vserver services name-service dns hosts show
The above command did show an error in our configuration that I am pretty certain we've corrected before. The DC listed and IP address for that DC did not match up though the IP address was an IP of another domain controller.
I honestly don't know why we configured this in the first place. It would explain why I only see errors for one of our 3 DCs as DC01 is the only host configured for the two SVMs reporting errors.
If our DNS servers are listed in the 'dns show' configuration, is there any need so specifiy them local? What is the use case for 'dns hosts create'?
So as it turned out, having the IP mismatch to the hostname in this 'dns hosts' configuration was causing these errors. Once I corrected it, the errors subsided. Still curious as to what this feature is for aside from creating a number of aliases for an IP address that are not records in DNS already.