ソース "NetApp-Security-Auditing" からのイベント ID 4658 の説明が見つかりません。このイベントを発生させるコンポーネントがローカル コンピューターにインストールされていないか、インストールが壊れています。ローカル コンピューターにコンポーネントをインストールするか、コンポーネントを修復してください。
イベントが別のコンピューターから発生している場合、イベントと共に表示情報を保存する必要があります。
イベントには次の情報が含まれています:
172.17.44.87
EV_RenderedValue_2.00
false
Not Present
Not Present
Security
File
00000000000406;00;0000064f;046d016e
(nfsshare);/test3/test2.txt
メッセージ リソースは存在しますが、メッセージがメッセージ テーブルに見つかりませんでした。
The description for Event ID 4658 from source NetApp-Security-Auditing cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
172.17.44.87
EV_RenderedValue_2.00
false
Not Present
Not Present
Security
File
00000000000406;00;0000064f;046d016e
(nfsshare);/test3/test2.txt
ontap832::> vserver cifs create -cifs-server share226 -domain adosakana.local -vserver share226
In order to create an Active Directory machine account for the CIFS server, you
must supply the name and password of a Windows account with sufficient
privileges to add computers to the "CN=Computers" container within the
ADOSAKANA.LOCAL domain.
Enter the user name: administrator
Enter the password:
Error: Machine account creation procedure failed
[ 12154] Loaded the preliminary configuration.
[ 12332] Created a machine account in the domain
[ 12339] Successfully connected to 172.17.44.49:445 using TCP
[ 12351] Unable to connect to LSA service on
samba.adosakana.local (Error:
RESULT_ERROR_GENERAL_FAILURE)
[ 14357] TCP connection to 172.17.44.141:445 via interface
172.17.44.236 failed: (Operation timed out).
[ 14357] Could not open a socket to 'samba.adosakana.local'
[ 14357] Unable to connect to LSA service on
samba.adosakana.local (Error:
RESULT_ERROR_SPINCLIENT_UNABLE_TO_RESOLVE_SERVER)
[ 14357] No servers available for MS_LSA, vserver: 2, domain:
adosakana.local.
**[ 14357] FAILURE: Unable to make a connection (LSA:adosakana.local),
** result: 6940
[ 14357] Could not find Windows SID
'S-1-5-21-937304154-1581684492-536532533-512'
[ 14381] Deleted existing account
'CN=SHARE226,CN=Computers,DC=adosakana,DC=local'
Error: command failed: Failed to create the Active Directory machine account
"SHARE226". Reason: SecD Error: no server available.
ontap832::>
ontap832::> version -node *
ontap832-01:
NetApp Release 8.3.2P12: Mon Aug 14 02:57:01 UTC 2017
ontap832::>
ONTAP 8.3.2P12であれば、「SMB2 Enabled for DC Connections」が存在していた。
ontap832::> vserver cifs security show -vserver share226
Vserver: share226
Kerberos Clock Skew: - minutes
Kerberos Ticket Age: - hours
Kerberos Renewal Age: - days
Kerberos KDC Timeout: - seconds
Is Signing Required: -
Is Password Complexity Required: -
Use start_tls For AD LDAP connection: false
Is AES Encryption Enabled: false
LM Compatibility Level: lm-ntlm-ntlmv2-krb
Is SMB Encryption Required: -
SMB1 Enabled for DC Connections: -
SMB2 Enabled for DC Connections: -
ontap832::>
設定を変更
ontap832::> vserver cifs security modify -vserver share226 -smb1-enabled-for-dc-connections false -smb2-enabled-for-dc-connections true
ontap832::> vserver cifs security show -vserver share226
Vserver: share226
Kerberos Clock Skew: - minutes
Kerberos Ticket Age: - hours
Kerberos Renewal Age: - days
Kerberos KDC Timeout: - seconds
Is Signing Required: -
Is Password Complexity Required: -
Use start_tls For AD LDAP connection: false
Is AES Encryption Enabled: false
LM Compatibility Level: lm-ntlm-ntlmv2-krb
Is SMB Encryption Required: -
SMB1 Enabled for DC Connections: false
SMB2 Enabled for DC Connections: true
ontap832::>
そして、Active Directoryへの参加
ontap832::> vserver cifs create -cifs-server share226 -domain adosakana.local -vserver share226
In order to create an Active Directory machine account for the CIFS server, you
must supply the name and password of a Windows account with sufficient
privileges to add computers to the "CN=Computers" container within the
ADOSAKANA.LOCAL domain.
Enter the user name: administrator
Enter the password:
Warning: An account by this name already exists in Active Directory at
CN=SHARE226,CN=Computers,DC=adosakana,DC=local
Ok to reuse this account? {y|n}: y
ontap832::>
ontap97-sub::> storage aggregate add-disks -aggregate aggr0_ontap97_sub_01 -diskcount 3
Warning: Aggregate "aggr0_ontap97_sub_01" is a root aggregate. Adding disks to
the root aggregate is not recommended. Once added, disks cannot be
removed without reinitializing the node.
Do you want to continue? {y|n}: y
Info: Disks would be added to aggregate "aggr0_ontap97_sub_01" on node
"ontap97-sub-01" in the following manner:
First Plex
RAID Group rg0, 6 disks (block checksum, raid_dp)
Usable Physical
Position Disk Type Size Size
---------- ------------------------- ---------- -------- --------
data NET-1.19 FCAL 1000MB 1.00GB
data NET-1.27 FCAL 1000MB 1.00GB
data NET-1.20 FCAL 1000MB 1.00GB
Aggregate capacity available for volume use would be increased by 2.64GB.
Do you want to continue? {y|n}: y
ontap97-sub::>
aggregateの容量が増えたことを確認します
ontap97-sub::> storage aggregate show
Aggregate Size Available Used% State #Vols Nodes RAID Status
--------- -------- --------- ----- ------- ------ ---------------- ------------
aggr0_ontap97_sub_01 3.34GB 2.55GB 24% online 1 ontap97-sub-01 raid_dp,
normal
aggr1 14.06GB 14.00GB 0% online 3 ontap97-sub-01 raid_dp,
normal
2 entries were displayed.
ontap97-sub::> df -A -h
Aggregate total used avail capacity
aggr0_ontap97_sub_01 3420MB 812MB 2607MB 24%
aggr0_ontap97_sub_01/.snapshot 180MB 0B 180MB 0%
aggr1 14GB 61MB 14GB 0%
aggr1/.snapshot 0B 0B 0B 0%
4 entries were displayed.
ontap97-sub::>
システムボリュームの拡張
まずは現状のvol0のサイズを確認します
ontap97-sub::> volume show
Vserver Volume Aggregate State Type Size Available Used%
--------- ------------ ------------ ---------- ---- ---------- ---------- -----
ontap97-sub-01 vol0 aggr0_ontap97_sub_01 online RW 807.3MB 230.4MB 69%
1 entries were displayed.
ontap97-sub::> df -h
Filesystem total used avail capacity Mounted on Vserver
/vol/vol0/ 766MB 536MB 230MB 69% --- ontap97-sub-01
/vol/vol0/.snapshot 40MB 32MB 7824KB 81% --- ontap97-sub-01
2 entries were displayed.
ontap97-sub::>
「system node run -node ノード名 df -h」という手法でもボリューム容量を確認することができます。
ontap97-sub::> system node run -node ontap97-sub-01 df -h
Filesystem total used avail capacity Mounted on
/vol/vol0/ 766MB 544MB 222MB 71% /vol/vol0/
/vol/vol0/.snapshot 40MB 32MB 7768KB 81% /vol/vol0/.snapshot
ontap97-sub::>
現状のvol0サイズを確認するため「system node run -node ノード名 vol size vol0」を実行します。
ontap97-sub::> system node run -node ontap97-sub-01 vol size vol0
vol size: Flexible volume 'vol0' has size 826656k.
ontap97-sub::>
vol0のサイズを2GBに設定します。
ontap97-sub::> system node run -node ontap97-sub-01 vol size vol0 2g
vol size: Flexible volume 'vol0' size set to 2g.
ontap97-sub::>
容量が変わったことを確認します。
ontap97-sub::> volume show
Vserver Volume Aggregate State Type Size Available Used%
--------- ------------ ------------ ---------- ---- ---------- ---------- -----
ontap97-sub-01 vol0 aggr0_ontap97_sub_01 online RW 2GB 1.38GB 27%
1 entries were displayed.
ontap97-sub::> df -h
Filesystem total used avail capacity Mounted on Vserver
/vol/vol0/ 1945MB 536MB 1409MB 27% --- ontap97-sub-01
/vol/vol0/.snapshot 102MB 32MB 69MB 32% --- ontap97-sub-01
2 entries were displayed.
ontap97-sub::> system node run -node ontap97-sub-01 df -h
Filesystem total used avail capacity Mounted on
/vol/vol0/ 1945MB 543MB 1402MB 28% /vol/vol0/
/vol/vol0/.snapshot 102MB 32MB 69MB 32% /vol/vol0/.snapshot
ontap97-sub::>