vRealize Automation deployment in VMware Cloud Foundation does not allow for the explicit identification of the Active Directory domain name
Article ID: 316771
Updated On:
Products
VMware Cloud Foundation
Issue/Introduction
Symptoms:
- When deploying vRealize Automation in VMware Cloud Foundation, you can not specify the name of the Active Directory domain used for the vRealize Automation IaaS Windows Servers.
- The validation or deployment stages will fail if the incorrect Active Directory domain name is used by the Cloud Foundation.
- You might see an error similar to the following in the UI during the validation stage of the installation:
Authentication with Active Directory vcf.corp.local failed for user corp\administrator.
Note: The Active Directory domain name in this example is corp.local. vcf.corp.local is the sub-domain used for VMware Cloud Foundation.
- You may see errors similar to the following in the /var/log/vmware/vcf/domainmanager/domainmanager.log file:
2018-09-26 14:44:37.405 [Executor-4] INFO [ c.v.e.s.vrealize.services.PrepareVraValidation] <a57d0b40-c19a-11e8-a99e-c7f987e378ec> Returned expanded interna
l spec for validating vRA deployment parameters: {
"vra": {
...
"activeDirectory": {
"domain": "vcf.corp.local",
"loginCredentials": {
"username": "corp\\administrator",
"password": "*****"
}
},
l spec for validating vRA deployment parameters: {
"vra": {
...
"activeDirectory": {
"domain": "vcf.corp.local",
"loginCredentials": {
"username": "corp\\administrator",
"password": "*****"
}
},
2018-09-26 14:44:50.104 [Executor-3] INFO [ c.v.e.s.v.action.AuditAdConnectivityAction] <a57d0b40-c19a-11e8-a99e-c7f987e378ec> Validating if user corp\a
dministrator is authenticated to connect to vcf.corp.local
2018-09-26 14:44:50.105 [Executor-3] INFO [ c.vmware.evo.sddc.common.validation.AdValidator] <a57d0b40-c19a-11e8-a99e-c7f987e378ec> Trying to connect to vcf.
corp.local with username corp\administrator
2018-09-26 14:44:50.118 [Executor-3] ERROR [ c.vmware.evo.sddc.common.validation.AdValidator] <a57d0b40-c19a-11e8-a99e-c7f987e378ec> Failed to connect to vcf.
corp.local with username corp\administrator
javax.naming.CommunicationException: vcf.corp.local:389
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
dministrator is authenticated to connect to vcf.corp.local
2018-09-26 14:44:50.105 [Executor-3] INFO [ c.vmware.evo.sddc.common.validation.AdValidator] <a57d0b40-c19a-11e8-a99e-c7f987e378ec> Trying to connect to vcf.
corp.local with username corp\administrator
2018-09-26 14:44:50.118 [Executor-3] ERROR [ c.vmware.evo.sddc.common.validation.AdValidator] <a57d0b40-c19a-11e8-a99e-c7f987e378ec> Failed to connect to vcf.
corp.local with username corp\administrator
javax.naming.CommunicationException: vcf.corp.local:389
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
Cause
The vRealize Automation installation derives the Active Directory domain name from the DNS suffix on the following virtual machines: IaaS Web Servers, IaaS Managers, DEM Workers and Proxy Agents. If the DNS suffix on these VMs is not the same name as the Active Directory domain name, the installation will fail.
Resolution
This is a known issue affecting VMware Cloud Foundation. There is currently no resolution.
Workaround:
To workaround this issue, ensure that the DNS suffix on the IaaS Web Servers, IaaS Managers, DEM Workers and Proxy Agents is the same as the Active Directory domain name.
Workaround:
To workaround this issue, ensure that the DNS suffix on the IaaS Web Servers, IaaS Managers, DEM Workers and Proxy Agents is the same as the Active Directory domain name.
Additional Information
To be alerted when this article is updated, click the Subscribe to Article link in the Actions box.
Feedback
Yes
No
Powered by
