^{Attempts to join an ESXi host to an Active Directory (AD) domain fail with the error:}

^{LW_STATUS_OBJECT_NAME_NOT_FOUND}

^{This prevents the ESXi host from authenticating with the AD domain, blocking domain-based user access and management.}

^{VMware vSphere Esxi 6.x} 

^{VMware vSphere Esxi 7.x} 

^{VMware vSphere Esxi 8.x} 

^{The error occurs due to stale or duplicate computer objects in Active Directory associated with the ESXi host’s DNS hostname. These remnants interfere with the Likewise agent’s ability to create a new computer object during the domain join process.}

^{When Likewise logging is enabled (per KB 313939: How to Enable Logging for Likewise Agent), the following errors may appear in /var/log/vmware/hostd.log:}

^{Hostd[2099304]: [Originator@6876 sub=Default opID=##### rhost=##.##.##.## sid=525e7aba] [module:pam_lsass]pam_do_authenticate: error [login:domain\username][error code:40022]}

^{Hostd[2099304]: [Originator@6876 sub=Default opID=##### rhost=##.##.##.## sid=525e7aba] [module:pam_lsass]pam_sm_authenticate: failed [error code:40022]}

^{Hostd[2099304]: [Originator@6876 sub=Vimsvc.HaSessionManager opID=##### sid=525e7aba] Rejected password for user domain\username [from ##.##.##.##- session=525e7aba-bd5f-9d51-9f71-cfae78802ffe}

^{Hostd[2099304]: [Originator@6876 sub=Vimsvc.ha-eventmgr opID=##### sid=525e7aba] Event 22563 : Cannot login domain\username@##.##.##.##}

^{DEBUG lwreg: RegDbGetKeyValue_inlock():sqldb_p.c:1227: Error at ../lwreg/server/providers/sqlite/sqldb_p.c:1227 [status: LW_STATUS_OBJECT_NAME_NOT_FOUND = 0xC0000034 (-1073741772)]}

^{The key indicator is LW_STATUS_OBJECT_NAME_NOT_FOUND, pointing to an AD object conflict.}

1. ^{Identify stale computer objects in Active Directory:}

^{On the AD server, run the following PowerShell command using PowerCLI:}

^{Get-ADComputer -Filter 'DNSHostName -like "Esxi*"'}

^{Replace "Esxi*" with the actual name or pattern of the affected ESXi host.}

2. ^{Verify computer object count:}

^{There should be only one computer object in AD for the ESXi host. If multiple entries are found:}

• ^{Work with the AD team to delete all stale or duplicate computer objects.}
• ^{Do not manually create the object for the ESXi host; it will be created automatically during the join process.}

3. ^{Allow AD replication to complete:}

^{Wait 10 to 30 minutes to ensure AD Domain Controllers have synchronized the changes.}

4. ^{Reattempt the domain join:}

^{On the ESXi host, use the following command to join the domain:}

^{/usr/lib/vmware/likewise/bin/domainjoin-cli join domain.name username}

^{Replace domain.name with your AD domain and username with an account that has permissions to join machines to the domain.}