VMware vSphere

 View Only

  • 1.  error code [40320] KB: 2134063

    Posted Mar 31, 2017 10:06 AM

    Hi,

    Have anyone come cross this error and solved ? This error appear when  Iam joining vCetner appliance 6 to AD

    KB 2134063 Currently, there is no resolution. and work around is enable the SMBv1.0 which not solution in this case , the Client decline the request.

    Any tips


    The "Join active directory" operation failed for the entity with the following error message. Idm client exception: Error trying to join AD, error code [40320], user [userx], domain [xxx.local], orgUnit [Ou=xx.local/Ser/pro/total]



  • 2.  RE: error code [40320] KB: 2134063

    Posted Mar 31, 2017 03:09 PM

    Make sure your inputs are correct: ((POSSIBLE TROUBLESHOOTING OPTIONS))

    1. The credential got rights to join the domain "The account you are using to join the domain is a domain admin account"

    2 . Check User Principal Name (UPN) "It Might be turned out to be incorrect UPN"

    3. Verify the OU location "The OU format you input is valid"

    4. NetBIOS name "Check if your NetBIOS Domain name contain CAP/lowercase letters"

    5. Check identity source "Active Directory (Integrated Windows Authentication)" or 'Active Directory as an LDAP Server'

    Note:

    A. Try to reboot the appliance and let it sit for a while

    B. Try 'Active Directory as an LDAP Server' -. to add an AD domain as an identity source

    6. Check the time "time sync issue bet hosts/appliance & AD DC"

    7. Try PowerCLI to join the domain LINK: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2118543

    8. Check DNS beforehand "Create the A / PTR record for VCSA"

    9. Check AD DC "Verify that smb1 feature was installed on the domain controllers ROLE"

    10. Try to use vSphere Web Client to join AD DC "System Configuration >> Manage >> Active Directory"

    Raul.

    VMware VDI Administrator

    http://ITCloudStream.com/



  • 3.  RE: error code [40320] KB: 2134063

    Posted Mar 31, 2017 09:13 PM

    Thanks Raul,

    The service account I am using  has read only permission on the domain. Must be a domain admin?



  • 4.  RE: error code [40320] KB: 2134063

    Posted Apr 03, 2017 12:48 PM

    If this is a lab, try the domain admin account "Built-in account for administering the computer/domain" not recommend it for production but if that works then you already know that you have a credential's issue. Also try this link:

    Fighting with Windows 2012 R2 Directory Services, NETBIOS naming, vCenter 6.0 SSO on VCSA | mattwhiteccie

    Raul.



  • 5.  RE: error code [40320] KB: 2134063

    Posted Mar 31, 2017 03:18 PM

    Try this Kb , I followed same in my environment.

    "Error trying to join AD, error code [40705]" when connecting vCenter Server Appliance to an Active Directory (2117709) …