{"id":431,"date":"2020-11-07T15:28:43","date_gmt":"2020-11-07T14:28:43","guid":{"rendered":"http:\/\/www.gerjon.com\/?p=431"},"modified":"2020-11-07T17:14:58","modified_gmt":"2020-11-07T16:14:58","slug":"error-31-trying-to-join-vcenter-to-ad","status":"publish","type":"post","link":"https:\/\/www.gerjon.com\/?p=431","title":{"rendered":"VMware: Error trying to join vCenter to Active Directory"},"content":{"rendered":"\n

Problem<\/span><\/strong><\/p>\n\n\n\n

I was trying to add my vCenter to my internal AD but I kept keeping the error that vCenter could not connect.<\/p>\n\n\n\n

ldm client exeption: Error trying to join AD, error code [40075], user [user], domain [domain], orgunit []<\/em><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Solution<\/span><\/strong><\/p>\n\n\n\n

First I checked if the domain was reachable via DNS from the vCenter server by connecting via SSH to the vCenter VM and pinging the domain.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

So there was no issues there, but i thought lets try the command line to see if we can add it like this. so I typed in the commands<\/p>\n\n\n\n

Shell
\/opt\/likewise\/bin\/domainjoin-cli join [domain] [user name] [password]<\/em><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

where domain, user name and password of my own domain. I got an interesting error..<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Clock skew detected with active directory server.. <\/em>
Ok so there’s a timing issue with the domain and the vcenter appliance…<\/p>\n\n\n\n

To resolve this you need to add NTP servers to the vCenter appliance!<\/p>\n\n\n\n

you must log on to the management portal :5480
And add the time servers there<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

After that double check your time settings on the VMware host(s) and the domain controller to see if they all point to the same (internal or external) NTP host<\/p>\n\n\n\n

On the domaincontroller you can use this command<\/p>\n\n\n\n

W32time \/query \/status<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

It would give you something simelar to this:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

and on the VMware host you need to check:<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

pro tip: Also check if the NTP service is running, if it is stopped as it was on my hosts you can start it via:
<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

So after checking and changing the NTP settings on the domain controller, VMware hosts and vCenter i once again tried to connect to the domain through SSH.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

And it worked :-). Don’t forget to reboot vCenter to let it authenticate to the Active Directory domain in the correct way!<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

(thanks to memegenerator.net for the meme that captured my feelings best)<\/p>\n","protected":false},"excerpt":{"rendered":"

Problem I was trying to add my vCenter to my internal AD but I kept keeping the error that vCenter could not connect. ldm client exeption: Error trying to join AD, error code [40075], user …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[14],"tags":[],"class_list":["post-431","post","type-post","status-publish","format-standard","hentry","category-vmware"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p59CpB-6X","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.gerjon.com\/index.php?rest_route=\/wp\/v2\/posts\/431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gerjon.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gerjon.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gerjon.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gerjon.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=431"}],"version-history":[{"count":0,"href":"https:\/\/www.gerjon.com\/index.php?rest_route=\/wp\/v2\/posts\/431\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.gerjon.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gerjon.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=431"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gerjon.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}