ONTAP Discussions

Failed to join AD Domain on Win2012 7-Mode





I'm having issues when trying to joing an AD Domain on Windows 2012, when I provide the account name and password on cifs setup, I'm receiving the following error:


"Could not authenticate with domain controller: No Kerberos keys for this account in Active Directory.
To recover, reset account password on DC, then either wait for or force
Active Directory synchronization."


We have tried several times and we still have the same issue.


I'm using a vfiler on a DoT Version of 8.1.4P4 7-Mode and my domain is a Windows 2012 Domain.



Did anyone have seen this error before?









Hi Pedro,


Have you verified the account in AD you are using to join the vFiler to the domain using cifs setup is not disabled or locked out and that the password is valid?

I checked the support database and found an old (but possibly) related bug (31832) which suggests reseting the password in AD for the account being used for cifs setup.



If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.


Hi Matt, 



I reviewed with the owner of the account and the account has been able to add some windows servers to this domain without any issue, the issue was pressented only when we use the account fo the vfiler join process.



I will check the bug you listed.











We are experiencing the same issue you did.  We created a case and they recommeneded blowing out the old objects in AD (which we did) and still having the same Kerberos error with known good domain admin credentials.


Did you all find a solution?  If so what was it?

NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner