Adding host to an Active Directory domain using vSphere Authentication proxy fails on Windows vCenter Server
Article ID: 316457
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms:
- In the /var/run/log/hostd.log on ESXi, you see entries similar to:
2020-06-17T06:45:00.204Z verbose hostd[13440B70] [Originator@6876 sub=PropertyProvider opID=hostd-probe-80ba user=dcui] RecordOp ASSIGN: info, haTask--vim.ServiceInstance.retrieveContent-202267195. Applied change to temp map.
CamHttpJoinComputeNode: 64
2020-06-17T06:45:01.380Z error hostd[12D40B70] [Originator@6876 sub=ActiveDirectoryAuthentication opID=kbhtkyne-f8i-h5:70000822-9b-5-80b8 user=vpxuser:VSPHERE.LOCAL\Administrator] vmwauth Exception: Exception 0x000004cd: An operation was attempted on a nonexistent network connection.
CamHttpJoinComputeNode: 64
2020-06-17T06:45:01.380Z error hostd[12D40B70] [Originator@6876 sub=ActiveDirectoryAuthentication opID=kbhtkyne-f8i-h5:70000822-9b-5-80b8 user=vpxuser:VSPHERE.LOCAL\Administrator] vmwauth Exception: Exception 0x000004cd: An operation was attempted on a nonexistent network connection.
- In C:\ProgramData\vCenterServer\logs\vmcamd on windows vCenter, you see vmcamd restarting while creating computer object for the ESXi host:
2020-06-17T06:51:50.491Z:t@19692:INFO: Creating machine account for Host 'sc1-10-78-229-148.domain.local', OU ''
2020-06-17T06:51:50.493Z:t@19692:INFO: VmCamCreateCacheKrb5Creds: DCAccountPrincipal=([email protected])
2020-06-17T06:51:50.495Z:t@19692:INFO: VmCamCreateCacheKrb5Creds: credCache = C:\Windows\TEMP\tkt017028
2020-06-17T06:51:50.619Z:t@19692:INFO: First init creds cache, UPN([email protected]), size (7) passed
2020-06-17T06:51:52.036Z:t@20540:INFO: rpc_server_use_protseq_ep() succeeded, protoSeq (ncalrpc),endPoint(VMWareCamService).
2020-06-17T06:51:52.040Z:t@20540:INFO: rpc_server_use_protseq_ep() succeeded, protoSeq (ncacn_ip_tcp),endPoint(2016).
2020-06-17T06:51:53.042Z:t@20540:INFO: RPC service status (listening)
2020-06-17T06:51:53.043Z:t@20540:INFO: HTTPS server SSL set session cache mode returned the previously set cache mode
2020-06-17T06:51:53.045Z:t@20132:INFO: VmCamAdapterSrvInit
2020-06-17T06:51:53.046Z:t@20540:INFO: Webserver started on ports [::]:7475,[::]:7476s, clientAuth disabled
2020-06-17T06:51:53.047Z:t@20540:INFO: vmcamd: started!
2020-06-17T06:51:53.047Z:t@9472:INFO: CAMAdapterMainLoop: Start
2020-06-17T06:51:50.493Z:t@19692:INFO: VmCamCreateCacheKrb5Creds: DCAccountPrincipal=([email protected])
2020-06-17T06:51:50.495Z:t@19692:INFO: VmCamCreateCacheKrb5Creds: credCache = C:\Windows\TEMP\tkt017028
2020-06-17T06:51:50.619Z:t@19692:INFO: First init creds cache, UPN([email protected]), size (7) passed
2020-06-17T06:51:52.036Z:t@20540:INFO: rpc_server_use_protseq_ep() succeeded, protoSeq (ncalrpc),endPoint(VMWareCamService).
2020-06-17T06:51:52.040Z:t@20540:INFO: rpc_server_use_protseq_ep() succeeded, protoSeq (ncacn_ip_tcp),endPoint(2016).
2020-06-17T06:51:53.042Z:t@20540:INFO: RPC service status (listening)
2020-06-17T06:51:53.043Z:t@20540:INFO: HTTPS server SSL set session cache mode returned the previously set cache mode
2020-06-17T06:51:53.045Z:t@20132:INFO: VmCamAdapterSrvInit
2020-06-17T06:51:53.046Z:t@20540:INFO: Webserver started on ports [::]:7475,[::]:7476s, clientAuth disabled
2020-06-17T06:51:53.047Z:t@20540:INFO: vmcamd: started!
2020-06-17T06:51:53.047Z:t@9472:INFO: CAMAdapterMainLoop: Start
Environment
VMware vCenter Server 6.5.x
Cause
The issue occurs due to a vmcamd crash on vCenter server because of how vmcamd allocates/frees memory on a Windows machine.
Resolution
Currently, there is no resolution.
Workaround:
For existing vCenter servers, the workaround is to directly join the ESXi host to Active Directory domain (For example without using vSphere Authentication Proxy Server). For more information on this process, see Using Active Directory to Manage ESXi Users.
Workaround:
For existing vCenter servers, the workaround is to directly join the ESXi host to Active Directory domain (For example without using vSphere Authentication Proxy Server). For more information on this process, see Using Active Directory to Manage ESXi Users.
Feedback
Yes
No
Powered by
