ESXi 4.1 joined to domain, but not authenticating privileged users
Summary:
Turning on logging in the likewise agents turned up entries (netlogond.log) like these:
20110208160637:0xffe0cb90:INFO:[LWNetSrvGetDCTime() /build/mts/release/bora-234910/likewise/esxi-esxi/src/linux/netlogon/server/api/dcinfo.c:434] Determining the current time for domain ‘zsoldier.local’
20110208160637:0xffe0cb90:INFO:[LWNetSrvGetDCName() /build/mts/release/bora-234910/likewise/esxi-esxi/src/linux/netlogon/server/api/dcinfo.c:97] Looking for a DC in domain ‘zsoldier.local’, site '<null>' with flags 10
20110208160637:0xffdfbb90:INFO:[LWNetSrvGetDCName() /build/mts/release/bora-234910/likewise/esxi-esxi/src/linux/netlogon/server/api/dcinfo.c:97] Looking for a DC in domain ‘zsoldier.local’, site '<null>' with flags 0
Everything seems to work fine like adding domain users/groups permissions on the server, but it would not authenticate any the defined domain users/groups. The entry regarding ‘Determining the current time for domain’ seemed to cause the issue.
Resolution:
Make sure the server is synced up w/ a domain NTP server. Once the time is synced, domain privileged users should be able to login.
Other Stuff:
For instructions on how to setup AD Authentication on ESX 4.1 visit here:
http://ict-freak.nl/2010/09/12/how-to-configure-vsphere-4-1-active-directory-authentication/
Comments