ONTAP Hardware

FAS25552 / Active Directory 2012 R2 to 2019

ThierryF34
2,585 Views

Hello to the community,


We have used an FAS2552 cluster for many years with two domain controllers (2012 R2). Today we simply added two new Windows Server 2019 domain controllers and we're having some weird behavior.


Drive mapping is particularly slow (two to three minutes to see the network drives appear). If I turn off both new DCs, the drives come back up very quickly.


If anyone has encountered this problem before, I'll be happy to know how they went about solving it!

 

Thanks in advance

 

Thierry

2 REPLIES 2

Ontapforrum
2,569 Views

Troubleshooting Workflow: DC not responding (CIFS):
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/Troubleshooting_Workflow%3A_DC_not_responding_(CIFS)
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_troubleshoot_slow_browsing_on_CIFS_Shares

 

Checks:
Domain Controller Latency (investigate secd.log)
While you are troubleshooting cause for the two new Dcs, use - "vserver cifs domain preferred-dc add"  to add the old-dcs that are working fine.

Possible cause: Investigate slow new DC connections, slowing down could be due to waiting for the queries to timeout before falling back to old-dc.

AlexDawson
2,489 Views

Hi there,

 

Can you please share what versions of ONTAP you're running on the FAS2552? If it is 8.x, it must be upgraded to 8.2.5P5 in order to support a Windows 2019 domain. Please be aware of this change made by microsoft - https://support.microsoft.com/en-us/topic/2020-ldap-channel-binding-and-ldap-signing-requirements-for-windows-ef185fb8-00f7-167d-744c-f299a66fc00a - you MUST be running ONTAP 8.2.5P5 to continue using Active Directory authentication for a 7-mode filer.

Public