An ESXi host joined to Active Directory (AD) shows as "Disconnected" in vCenter Server, and all resident Virtual Machines appear in an "Invalid" or "Unknown" state. Management agents (hostd, vpxa) become unresponsive.

Symptoms:

• hostd service fails to respond to commands.
• The following error appears in vmkernel.log:
  • WARNING: World: 2706: Could not allocate new world handle for world ID: <ID>: Admission check failed for memory resource
• The following errors repeat in syslog.log
  • LW_ERROR_PASSWORD_MISMATCH
  • KRB5 Error code: -1765328360 (Message: Preauthentication failed)

VMware ESXi 7.0.x

A memory leak in the lwsmd (Likewise Service Manager) process occurs when a service account or machine account credential mismatch triggers an infinite Kerberos authentication loop, exhausting the system memory heap and preventing new process threads from spawning.

1. Log in to the ESXi Shell or DCUI and restart the management agents to reclaim memory:
   
   See KB Restarting Management Agents in ESXi for steps to do this
   
   
2. Review /var/run/log/syslog.log to identify the specific Active Directory account causing the LW_ERROR_PASSWORD_MISMATCH.
3. Update the password for the identified account in Active Directory or ensure the ESXi machine account is not expired.
4. If the error persists, remove the host from the AD domain and rejoin it:
5. Navigate to Host > Manage > Authentication.
6. Click Leave Domain.
7. Click Join Domain and provide valid administrative credentials.

ESXi host disconnects from vCenter Server (1003409)

Restarting Management Agents in ESXi