ONTAP Discussions

Failed to join AD Domain on Win2012 7-Mode

PedroMaldonado
4,328 Views

Hi!, 

 

 

I'm having issues when trying to joing an AD Domain on Windows 2012, when I provide the account name and password on cifs setup, I'm receiving the following error:

 

"Could not authenticate with domain controller: No Kerberos keys for this account in Active Directory.
To recover, reset account password on DC, then either wait for or force
Active Directory synchronization."

 

We have tried several times and we still have the same issue.

 

I'm using a vfiler on a DoT Version of 8.1.4P4 7-Mode and my domain is a Windows 2012 Domain.

 

 

Did anyone have seen this error before?

 

 

 

 

Regards,

Pedro

3 REPLIES 3

mbeattie
4,297 Views

Hi Pedro,

 

Have you verified the account in AD you are using to join the vFiler to the domain using cifs setup is not disabled or locked out and that the password is valid?

I checked the support database and found an old (but possibly) related bug (31832) which suggests reseting the password in AD for the account being used for cifs setup.

 

/Matt

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

PedroMaldonado
4,243 Views

Hi Matt, 

 

 

I reviewed with the owner of the account and the account has been able to add some windows servers to this domain without any issue, the issue was pressented only when we use the account fo the vfiler join process.

 

 

I will check the bug you listed.

 

 

Thanks,

 

 

Regards,

Pedro

Cbrowne20
3,591 Views

Hello,

 

We are experiencing the same issue you did.  We created a case and they recommeneded blowing out the old objects in AD (which we did) and still having the same Kerberos error with known good domain admin credentials.

 

Did you all find a solution?  If so what was it?

Public