| Article Number: 524889 | Article Version: 2 | Article Type: Break Fix |
Dell EMC Unity Family
The CIFS server is in Degraded mode and not fully functioning.
1. The Security tab of file properties shows SID instead of names.
2. The CIFS server may become inaccessible.
3. EMCC4Corelogc4_safe_ktrace.log shows errors like below:
2018/08/16-20:53:04.961645 41K 7F1390BE9709 sade:KERBEROS: 3:[vdm] acquire_accept_cred: Failed to get keytab entry for principal CIFS/xxx.xxx
2018/08/16-20:53:04.961648 ~~~~ 7F1390BE9709 sade:KERBEROS: 3:[vdm] xx.xxx@xx.xxx – error No principal inkeytab matches desired name (39756033)
2018/08/16-20:53:05.477279 ~~~~ 7F1390BE9709 sade:SMB: 4:[vdm] Unsupported authentication mode: authMethod:4,kerberosSupport:1, negoMethod:0
The Host (A) entry in DNS is different from the computer name of the CIFS server, and was not added in the keytab or SPN list. For example, the computer name of the CIFS server is “example.dell.com”, but it is configured like this in DNS:
Name Type Data
example_alias Host (A) 5.6.7.8
example Alias (CNAME) example_alias.dell.com
In the output of “/nas/bin/server_cifs <vdm> -setspn -list -compname <comp_name>”, there is no SPN called “example_alias”.
There are two options;
Option 1. Make sure the Host (A) entry is identical to the computer name of the CIFS server. If the users want to access via other names, configured them as Alias (CNAME):
Name Type Data
example Host (A) 5.6.7.8
example_alias Alias (CNAME) example.dell.com
Option 2. Run “/nas/bin/server_cifs <vdm> -setspn -add <SPN> -compname <comp_name> -domain <full_domain_name> -admin <admin_name>” to add the Host (A) entry in SPN.