Likewise daemon reporting 'ERROR_OUTOFMEMORY' while adding ESXi 6.5 U1 to Active Directory domain
Article ID: 328019
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
Symptoms:
Likewise daemon reporting 'ERROR_OUTOFMEMORY' while adding ESXi 6.x to Active Directory domain
Likewise daemon reporting 'ERROR_OUTOFMEMORY' while adding ESXi 6.x to Active Directory domain
- Syslog.log:
2017-11-09T16:52:58Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913226
2017-11-09T16:53:58Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913687
2017-11-09T16:54:00Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913880
2017-11-09T16:54:00Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913881
2017-11-09T16:54:01Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913900
2017-11-09T16:54:01Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913919
2017-11-09T16:53:58Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913687
2017-11-09T16:54:00Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913880
2017-11-09T16:54:00Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913881
2017-11-09T16:54:01Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913900
2017-11-09T16:54:01Z lwsmd: [lsass] Failed to run provider specific request (request code = 12, provider = 'lsa-activedirectory-provider') -> error = 14, symbol = ERROR_OUTOFMEMORY, client pid = 913919
Cause
This is because "LW_ERROR_KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN error is thrown from Kerberos when there is some problem with the creation of computer account in the domain controller. In the packet capture, we can see that the ESXi host will be sending all Kerberos packets to the controller discovered first. However in the likewise logs the Domain Controller IP returned will be from another controller.
This is happening because the AS-REQ traffic going to one DC and TGS-REQ going to other.
This is happening because the AS-REQ traffic going to one DC and TGS-REQ going to other.
Resolution
The issue is resolved with vSphere 6.5 Patch 02. The same is mentioned under release notes for vSphere 6.5 U1d P02
Additional Information
Release notes: https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-vcenter-server-65u1d-release-notes.html
Impact/Risks:
Host unable to join a domain or frequent disconnect form domain, because of this reason, host memory usage would show high and also ERROR_OUTOFMEMORY information in the likewise logs.
Impact/Risks:
Host unable to join a domain or frequent disconnect form domain, because of this reason, host memory usage would show high and also ERROR_OUTOFMEMORY information in the likewise logs.
Feedback
Yes
No
Powered by
