AD Authentication fails intermittently when using authentication proxy.

Article ID: 411788


Products

VMware vSphere ESXi

Issue/Introduction

When attempting to join hosts to a Windows domain through the authentication proxy, the task fails with a generic "Errors in Active Directory operations" message.

Retrying the operation will succeed at random.

The Likewise logs show the following:

Missing client site name from DC response from dc.example.com (###.###.###.###), searched client site name was <null>

Environment

vSphere using authentication proxy

Cause

This can happen when the subnet your vCenter is on is not configured in Active Directory Sites and Services. With no site defined, the domain controller to authenticate with is chosen at random. In some environments not all domain controllers are reachable from the vCenter Server, so the operation fails when an unreachable one is chosen.

Resolution

Define the site your vCenter is associated with in AD Sites and Services. The local domain controllers then become the primary source for AD-related queries and operations, which prevents vCenter from trying to reach domain controllers it cannot access.
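
One way to check whether the vCenter address is covered by a subnet object, shown as an added example that is not part of the original article. It assumes the ActiveDirectory PowerShell module (RSAT) on a domain-joined Windows machine and handles IPv4 subnets only; the IP address, site name and subnet are placeholders.

```powershell
Import-Module ActiveDirectory

$VCenterIp = '192.0.2.25'     # placeholder: IP address of the vCenter Server
$SiteName  = 'Example-Site'   # placeholder: existing AD site whose DCs vCenter can reach

# Convert a dotted-quad IPv4 address to a number for mask comparison.
function ConvertTo-IPv4Number ([string]$Ip) {
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    ([long]$b[0] * 16777216) + ([long]$b[1] * 65536) + ([long]$b[2] * 256) + [long]$b[3]
}

# True when $Ip falls inside $Cidr (for example 192.0.2.0/24).
function Test-InSubnet ([string]$Ip, [string]$Cidr) {
    $parts  = $Cidr -split '/'
    $prefix = [int]$parts[1]
    # Mask = 2^32 - 2^(32 - prefix); exact in double precision.
    $mask = [long]([math]::Pow(2, 32) - [math]::Pow(2, 32 - $prefix))
    $addr = ConvertTo-IPv4Number $Ip
    $net  = ConvertTo-IPv4Number $parts[0]
    ($addr -band $mask) -eq ($net -band $mask)
}

# Subnet objects are named in CIDR form; pick the most specific one that matches.
$match = Get-ADReplicationSubnet -Filter * |
    Where-Object {
        $_.Name -match '^\d{1,3}(\.\d{1,3}){3}/\d{1,2}$' -and
        (Test-InSubnet $VCenterIp $_.Name)
    } |
    Sort-Object { [int](($_.Name -split '/')[1]) } -Descending |
    Select-Object -First 1

if ($match) {
    'Subnet {0} covers {1}; site: {2}' -f $match.Name, $VCenterIp, $match.Site
} else {
    "No AD subnet covers $VCenterIp, so DC selection is not site-aware."
    # To fix, create the subnet object and bind it to the site (placeholder subnet):
    # New-ADReplicationSubnet -Name '192.0.2.0/24' -Site $SiteName
}
```

If a subnet is reported but the site it maps to has no domain controller reachable from vCenter, the subnet-to-site mapping needs correcting rather than a new subnet object.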