VMware domain controller issues

Recently I setup a couple of VMware clusters, as you may have guessed, and joined them to our company AD servers.

I followed this blog here: http://www.gabesvirtualworld.com/adding-ad-authentication-to-vmware-sso-5-1/    (thanks Gabe!) as it did a really good job of simplifying what needed to be done.

Upon going through it all, i was greeted with a error from VMware:
“Cannot complete login due to incorrect username or password.”

After tearing my hair out for quite a while, and a lot of swearing, i found the issue.

Deep in the logs i found:

[UserDirectorySso] AcquireToken SsoException: Unexpected SOAP fault: ns0:RequestFailed; request failed.

Which unlocked what i need to do to solve this.

The VMware KB article for this is here, but it doesn’t list one thing very clearly.

<short answer>
If your server has a different DNS suffix to the domain, you need to add it to the network connection settings
</shortanswer>

<long answer>
So my domain is called: win.auth.aaa.com But the computername is: vsphere1.blah.bbb.com JOINED To the aaa.com domain

The work around is to add both the win.auth.aaa.com and blah.bbb.com to the DNS suffix list (in that order)

Network and sharing center > network connections > right click on the network connection > IPv4 settings > Advanced > DNS Tab
Change the radio button to: Append these DNS suffixes (in order):
win.auth.aaa.com
blah.bbb.comSave and exit

</long answer>

Viola! Should be fixed, no restarted needed.

If this solves it for you, please comment, only so i know someone reads this blog (i only get comments as spam 🙁 )

Leave a Reply

Your email address will not be published.

Blue Captcha Image
Refresh

*

RSS
Facebook
Twitter
Pinterest
LinkedIn