ALERT

This message occurs when the -bind-dn user is not configured and the -bind-as-cifs-server option is set to false in the Lightweight Directory Access Protocol (LDAP) client configuration. This LDAP configuration is not recommended because it might result in CIFS credentials being used for authentication if CIFS configuration is present (even though -bind-as-cifs-server is not set). It might also result in anonymous authentication attempts.

Configure the bind distinguished name (user) and the bind user's password using the following commands: vserver services name-service ldap client modify -bind-dn vserver services name-service ldap client modify-bind-password

The LDAP bind DN user is not configured on Vserver %s.

vserverName (STRING): Vserver associated with this operation.

ALERT

This message occurs when a connection could not be attempted to any of the configured Lightweight Directory Access Protocol (LDAP) servers. Usually, this issue is seen when the LDAP servers are slow to respond to previous connection requests and SecD has reached the maximum number of simultaneous connection requests. This issue can result in longer CIFS/NFS access times, potentially resulting in client failures or timeouts.

From an LDAP client workstation, ensure that all configured LDAP servers are responding to requests. Ensure that networking issues do not prevent the cluster from communicating with the servers.

Connection could not be attempted to the LDAP servers configured on SVM "%s" for LDAP service type (%s) because SecD has exceeded the maximum number of simultaneous connection requests.

vserverName (STRING): Storage virtual machine (SVM) associated with this operation.
ldapOperation (STRING): LDAP operation and service for which the connection is required.

ALERT

This message occurs when the server could not establish a TCP connection to a Lightweight Directory Access Protocol (LDAP) server.

From a LDAP client workstation, make sure that the LDAP server is responding to requests. Also make sure that the portmapper on the LDAP server is responding to requests. Make sure that there are no networking issues stopping the cluster from communicating with this LDAP server.

vserver (%s) could not make a connection over the network to LDAP server (%s) at address (%s) and received error (%s)

vserverName (STRING): vserver associated with this operation.
serverName (STRING): Name of the LDAP server that was not responding.
serverAddress (STRING): Address of the LDAP server that was not responding.
ldaperror (STRING): Internal LDAP client library error.

ERROR

This EMS is generated when none of the configured LDAP hostnames can be resolved.

Examine the DNS configuration for the corresponding Vserver.

None of the hostnames can be resolved for Vserver: %s.

vserverName (STRING): Vserver associated with this operation.

ERROR

This EMS is generated when some of the configured LDAP hostnames cannot be resolved.

Examine the DNS configuration for the corresponding Vserver.

Hostnames cannot be resolved for Vserver: %s, unresolvedHosts: %s.

vserverName (STRING): Vserver associated with this operation.
unresolvedHostnames (STRING): Hostnames which cannot be resolved.

EMERGENCY

This message occurs when none of the configured Lightweight Directory Access Protocol (LDAP) servers are accepting connections.

From an LDAP client workstation, make sure that all configured LDAP servers are responding to requests. Ensure that there are no networking issues stopping the cluster from communicating with the configured LDAP servers. Also, ensure that the portmapper running on the LDAP server is working correctly.

None of the LDAP servers configured for Vserver (%s) are currently accessible via the network for LDAP service type (%s).

vserverName (STRING): Vserver associated with this operation.
ldapOperation (STRING): LDAP operation and service for which the connection is required.

ERROR

This message occurs when the LDAP server fails to respond to a query and timeout occurs.

Because LDAP server timeouts might be the result of connectivity issues between the storage controller and the external service or latency in LDAP server response time, ensure that external connectivity and external services have not been disrupted.

Vserver '%s': LDAP server %s did not respond to query within timeout (%d seconds) interval.

vsName (STRING): Name of the Vserver for which LDAP response timed out.
ipaddr (STRING): IP address of the LDAP server.
timeout (INT): Number of seconds before the LDAP query is timed out.

INFORMATIONAL

This message indicates that the domain controller does not have a copy of the requested object (which exists) and it is providing a location that is more likely to hold the object.

Modify the environment to avoid LDAP referrals.

Server (%s) does not hold the target entry for ldap filter (%s) on vserver (%s).

serverAddress (STRING): Address of the LDAP server that responded with referral.
ldapSearchFilter (STRING): The Ldap search filter associated with this operation.
vserverName (STRING): Vserver associated with this operation.

ERROR

This message occurs when a Lightweight Directory Access Protocol (LDAP) server responds slowly to SASL bind requests. This might result in longer SMB/CIFS authentication times, potentially resulting in SMB/CIFS client timeouts. Also, this might affect other LDAP bind requests and Security Daemon (SecD) delays.

Ensure that there are no networking issues creating intermittent communication problems with the LDAP server. Make sure that the machine running LDAP is responsive and not overloaded.

LDAP SASL bind taking longer time on server "%s" for SVM "%s".

serverAddress (STRING): Address of the LDAP server that is not responding fast enough.
vserverName (STRING): SVM associated with this operation.

ERROR

This message indicates that the Lightweight Directory Access Protocol (LDAP) server is not responding to requests in the expected time frame.

Make sure that there are no networking issues creating intermittent communication problems with the LDAP server. Make sure that the machine running LDAP is responsive and not overloaded. From a LDAP client workstation, run LDAP commands to verify long response times.

from CIFS Server(%s) calls to LDAP server (%s) at address (%s) is executing slowly enough to adversely impact the performance of your server.

vserverName (STRING): vserver associated with this operation.
serverName (STRING): Name of the LDAP server that was not responding fast enough.
serverAddress (STRING): Address of the LDAP server that was not responding fast enough.

ERROR

This message occurs when Lightweight Directory Access Protocol (LDAP) server responses to STARTTLS requests take 5 or more seconds. This might result in longer SMB/CIFS authentication times, potentially resulting in SMB/CIFS client timeouts. Also, this might affect other LDAP bind requests and Security Daemon (SecD) delays.

Ensure that there are no networking issues creating intermittent communication problems with the LDAP server. Make sure that the machine running LDAP is responsive and not overloaded.

The STARTTLS operation is taking too long on LDAP server "%s" for SVM "%s".

serverAddress (STRING): Address of the LDAP server that is not responding fast enough.
vserverName (STRING): SVM associated with this operation.