Troubleshoot name service issues
Suggest changes
PDFs
When clients experience access failures due to name service issues, you can use the vserver services name-service getxxbyyy command family to manually perform various name service lookups and examine the details and results of the lookup to help with troubleshooting.
-
For each command, you can specify the following:
-
Name of the node or storage virtual machine (SVM) to perform the lookup on.
This enables you to test name service lookups for a specific node or SVM to narrow the search for a potential name service configuration issue.
-
Whether to show the source used for the lookup.
This enables you to check whether the correct source was used.
-
-
ONTAP selects the service for performing the lookup based on the configured name service switch order.
-
These commands are available at the advanced privilege level.
-
Perform one of the following actions:
To retrieve the… |
Use the command… |
IP address of a host name |
|
Members of a group by group ID |
|
Members of a group by group name |
|
List of groups a user belongs to |
|
Host name of an IP address |
|
User information by user name |
|
User information by user ID |
|
Netgroup membership of a client |
|
Netgroup membership of a client using netgroup-by-host search |
|
The following example shows a DNS lookup test for the SVM vs1 by attempting to obtain the IP address for the host acast1.eng.example.com:
cluster1::*> vserver services name-service getxxbyyy getaddrinfo -vserver vs1 -hostname acast1.eng.example.com -address-family all -show-source true Source used for lookup: DNS Host name: acast1.eng.example.com Canonical Name: acast1.eng.example.com IPv4: 10.72.8.29
The following example shows a NIS lookup test for the SVM vs1 by attempting to retrieve user information for a user with the UID 501768:
cluster1::*> vserver services name-service getxxbyyy getpwbyuid -vserver vs1 -userID 501768 -show-source true Source used for lookup: NIS pw_name: jsmith pw_passwd: $1$y8rA4XX7$/DDOXAvc2PC/IsNFozfIN0 pw_uid: 501768 pw_gid: 501768 pw_gecos: pw_dir: /home/jsmith pw_shell: /bin/bash
The following example shows an LDAP lookup test for the SVM vs1 by attempting to retrieve user information for a user with the name ldap1:
cluster1::*> vserver services name-service getxxbyyy getpwbyname -vserver vs1 -username ldap1 -use-rbac false -show-source true
Source used for lookup: LDAP
pw_name: ldap1
pw_passwd: {crypt}JSPM6yc/ilIX6
pw_uid: 10001
pw_gid: 3333
pw_gecos: ldap1 user
pw_dir: /u/ldap1
pw_shell: /bin/csh
The following example shows a netgroup lookup test for the SVM vs1 by attempting to find out whether the client dnshost0 is a member of the netgroup lnetgroup136:
cluster1::*> vserver services name-service getxxbyyy netgrp -vserver vs1 -netgroup lnetgroup136 -client dnshost0 -show-source true Source used for lookup: LDAP dnshost0 is a member of lnetgroup136
-
Analyze the results of the test you performed and take the necessary action.
If the… Check the… Host name or IP address lookup failed or yielded incorrect results
DNS configuration
Lookup queried an incorrect source
Name service switch configuration
User or group lookup failed or yielded incorrect results
-
Name service switch configuration
-
Source configuration (local files, NIS domain, LDAP client)
-
Network configuration (for example, LIFs and routes)
Host name lookup failed or timed out, and the DNS server does not resolve DNS short names (for example, host1)
DNS configuration for top-level domain (TLD) queries. You can disable TLD queries using the
-is-tld-query-enabled falseoption to thevserver services name-service dns modifycommand. -
NetApp Technical Report 4668: Name Services Best Practices Guide