ESXi uses AD Account access Active Directory Domain Controller automatically
search cancel

ESXi uses AD Account access Active Directory Domain Controller automatically

book

Article ID: 408251

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

After user used an AD account to SSH to the ESXi CLI or log into Host Client to download the log bundle. The ESXi will use AD account access to the AD DC randomly.

Environment

VMware ESXi 8.0.3

Cause

This is a user credential refresh function. It's expected. The function Open source code location is: https://github.com/BeyondTrust/pbis-open/blob/60d0d21cbb43ad8740944e79456000a086d4687f/lsass/server/auth-providers/ad-open-provider/lsaum_p.c#L809

Resolution

Because it's code design, so can kindly ignore it.
 
Workaround:
 
By default, Likewise automatically refreshes user credentials, but you can turn off automatic refreshes by modifying the configuration of the Likewise authentication daemon.

To turn off the option, use this command
/usr/lib/vmware/likewise/bin/lwregshell set_value "[HKEY_THIS_MACHINE\Services\lsass\Parameters\Providers\ActiveDirectory]" RefreshUserCredentials 0

Use this command to restart likewise services on ESXi
 
/etc/init.d/lwsmd restart
 

Additional Information

This is not related in any way functionally to the "Delayed backup scheduled" message also seen in syslog.log or likewise.log.

Powered by Wolken Software