Likewise daemon reporting 'ERROR_OUTOFMEMORY' while adding ESXi 6.5 U1 to Active Directory domain
search cancel

Likewise daemon reporting 'ERROR_OUTOFMEMORY' while adding ESXi 6.5 U1 to Active Directory domain

book

Article ID: 328019

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Symptoms:
Likewise daemon reporting 'ERROR_OUTOFMEMORY' while adding ESXi 6.x to Active Directory domain
  • Syslog.log:
2017-11-09T16:52:58Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913226
2017-11-09T16:53:58Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913687
2017-11-09T16:54:00Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913880
2017-11-09T16:54:00Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913881
2017-11-09T16:54:01Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913900
2017-11-09T16:54:01Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913919


Cause

This is because "LW_ERROR_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN error is thrown from Kerberos when there is some problem with the creation of computer account in the domain controller. In the packet capture, we can see that the ESXi host will be sending all Kerberos packets to the controller discovered first. However in the likewise logs the Domain Controller IP returned will be from another controller. 

This is happening because the AS-REQ traffic going to one DC and TGS-REQ going to other.

Resolution

The issue is resolved with vSphere 6.5 Patch 02. The same is mentioned under release notes for vSphere 6.5 U1d P02

Additional Information

Release notes: https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u1d-release-notes.html

Impact/Risks:
Host unable to join a domain or frequent disconnect form domain, because of this reason, host memory usage would show high and also ERROR_OUTOFMEMORY information in the likewise logs.