ESXi 4.1 joined to domain, but not authenticating privileged users

Summary:

Turning on logging in the likewise agents turned up entries (netlogond.log) like these:

20110208160637:0xffe0cb90:INFO:[LWNetSrvGetDCTime() /build/mts/release/bora-234910/likewise/esxi-esxi/src/linux/netlogon/server/api/dcinfo.c:434] Determining the current time for domain ‘zsoldier.local’
20110208160637:0xffe0cb90:INFO:[LWNetSrvGetDCName() /build/mts/release/bora-234910/likewise/esxi-esxi/src/linux/netlogon/server/api/dcinfo.c:97] Looking for a DC in domain ‘zsoldier.local’, site '<null>' with flags 10
20110208160637:0xffdfbb90:INFO:[LWNetSrvGetDCName() /build/mts/release/bora-234910/likewise/esxi-esxi/src/linux/netlogon/server/api/dcinfo.c:97] Looking for a DC in domain ‘zsoldier.local’, site '<null>' with flags 0

Everything seems to work fine like adding domain users/groups permissions on the server, but it would not authenticate any the defined domain users/groups.  The entry regarding ‘Determining the current time for domain’ seemed to cause the issue.

Resolution:

Make sure the server is synced up w/ a domain NTP server.  Once the time is synced, domain privileged users should be able to login.

Other Stuff:

For instructions on how to setup AD Authentication on ESX 4.1 visit here:

http://ict-freak.nl/2010/09/12/how-to-configure-vsphere-4-1-active-directory-authentication/

No comments: