Network and Storage Protocols

cDOT 8.2p4 problems joining AD - (Error: Strong(er) authentication required)

loudymanschwab
9,053 Views

Anyone hit this particular error when trying to join cDOT 8.2p4 SVM to AD (SVM and domain names, username, and IPs blanked out)?

Error: CIFS server creation procedure failed

  [  0 ms] Trying to create CIFS server 'XXX' in domain

           'XXX' for virtual server 'XXX'

  [    24] Found 6 domain controllers through DNS

  [    24] Connecting to LDAP (Active Directory) server

           XXX (x.x.x.x) as

           USER

**[    25] FAILURE: 'CifsServer' configuration not available

  [    29] Unable to connect to XXX

           through the x.x.x.x interface (Error: Strong(er)

           authentication required)

  [    30] Connecting to LDAP (Active Directory) server

           XXX (x.x.x.x) as

           USER

  [    35] Unable to connect to XXX

           through the x.x.x.x interface (Error: Strong(er)

           authentication required)

  [    35] Connecting to LDAP (Active Directory) server

           XXX (x.x.x.x) as

           USER

  [    43] Unable to connect to XXX

           through the x.x.x.x interface (Error: Strong(er)

           authentication required)

Error: command failed: Failed to create CIFS server XXX. Reason: LDAP Error: Strong authentication is required.

Found a few similar errors about other LDAP clients that said to set these two GPO configs, but this did not help my problem:

 

    • Domain controller: LDAP server signing requirements = None
    • Network security: LDAP client signing requirements = Negotiate

1 ACCEPTED SOLUTION

loudymanschwab
8,941 Views

Found problem to be this GPO being applied to DCs that we had set to required.  cDOT 8.2p4 does not support LDAP signing (nor LDAP SSL).

Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options\Domain controller: LDAP server signing requirements

View solution in original post

1 REPLY 1

loudymanschwab
8,942 Views

Found problem to be this GPO being applied to DCs that we had set to required.  cDOT 8.2p4 does not support LDAP signing (nor LDAP SSL).

Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options\Domain controller: LDAP server signing requirements

Public