NFS: User Name Mapping LDAP Service Location Monitor

  • ID:  Microsoft.Windows.FileServices.Service.NFS.6.2.Server.UserNameMapping.Config.LDAPService
  • Description:  This object monitors the LDAP Service connection and generates an alert if there are problems with the connection, if the alert is enabled for this monitor.
  • Target:  NFS (Windows Server 2012)
  • Enabled:  Yes

Operational States

Name State Description
EventRaised Warning  
ManualResetEventRaised Success  

Alert Details

Monitor State Message Priority Severity Auto Resolution
EventRaised (Warning) NFS: User Name Mapping LDAP Service Location Medium Match Monitor Health Yes

Run As Profiles

Name
Default

Monitor Knowledgebase

Summary

This object monitors the LDAP service connection and generates an alert if there are problems with the connection, if the alert is enabled for this monitor.

Server for NFS enables you to control access by users and groups to Services for Network File System resources. A connection to a Lightweight Directory Access Protocol (LDAP) server allows Server for NFS to query Windows to UNIX user account mappings and grant file access to a user.

Causes

This monitor can enter a Warning health state for one of several reasons. Inspect the Windows Application event log for messages from Source Microsoft-Windows-ServicesForNFS-Server and one of the following event IDs:

  • Event 4012 indicates that Active Directory Domain Services contains multiple users that have an identical value for attribute uidNumber (the value is given in the event message text).

  • Event 4013 indicates that Active Directory Domain Services contains multiple groups that have an identical value for attribute gidNumber (the value is given in the event message text).

  • Event 4014 indicates that Active Directory Domain Services contains multiple users that have an identical value for attribute sAMAccountName (the value is given in the event message text).

  • Event 4015 indicates that Active Directory Domain Services contains multiple groups that have an identical value for attribute sAMAccountName (the value is given in the event message text).

  • Event 4017 indicates that Server for NFS could not find any Lightweight Directory Access Protocol (LDAP) accounts that match the attribute specified in the event message text.

If the health state is unknown, it means that monitoring has not yet begun for this object.

Resolutions

Configure Server for NFS to retrieve identity mapping data

To resolve the problem, use the following procedure:

1. At an elevated command prompt on the affected server, type nfsadmin mapping and identify the domain that the LDAP service is running under (AD Domain).

2. Identify the currently configured LDAP service being used by Server for NFS to retrieve identity mapping data (Mapping Server).

3. Resolve the problem based on the associated event ID. Using the administrative tools for the configured LDAP service, search for and remove any duplicate entries as indicated by the Application event log message.

The associated events and possible resolutions are:

  • Event 4012 - Try removing the duplicate UNIX UID entries.

  • Event 4013 - Try removing the duplicate UNIX GID entries.

  • Event 4014 - Try removing the duplicate sAMAccountName entries.

  • Event 4015 - Try removing the duplicate sAMAccountName entries.

  • Event 4017 - Add the necessary account information to the LDAP service.

Verification

To verify that Server for NFS is properly configured for retrieving Windows to UNIX identity mappings from the LDAP service, use the following procedure:

1. At an elevated command prompt on the affected server, type nfsadmin mapping.

2. Verify that the AD Lookup field is set to Enabled, and that AD Domain is either blank to use the computer’s parent domain, or explicitly set to the domain name to be used.

After resolving this issue, reset the monitor in the Operations console to a Healthy state.

External References
This monitor does not contain any external references.

See Also for Windows Server File & iSCSI Services Management Pack


Downloads for Windows Server File & iSCSI Services Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED