Active Directory identity provider disconnects after login attempt with AD account
search cancel

Active Directory identity provider disconnects after login attempt with AD account

book

Article ID: 440089

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

  • ESXi is successfully connected to Active Directory
  • An AD account attempts to login to the ESXi WebUI and gets the error "Cannot complete login due to an incorrect user name or password."
  • Logging back into the ESXi WebUI with root or another local account shows AD as disconnected
  • By default, a core dump is not generated
  • ESXi host logs show lwsmd service failing and exiting

/var/run/log/syslog.log


<DATE> In(30) lwsmd[1050257]: [lwsm] Starting service: lwio
<DATE> In(30) lwsmd[1050257]: [lwsm] Starting service: rdr
<DATE> In(30) lwsmd[1050257]: [lwsm] Starting service: lsass
<DATE> In(30) lwsmd[1050257]: [lsass-ipc] Listener started
<DATE> In(30) lwsmd[1050257]: [lsass-ipc] Listening on endpoint /etc/likewise/lib/.ntlmd
<DATE> Er(27) lwsmd[1050257]: [lsass] Failed to load provider 'lsa-local-provider' from '/usr/lib/vmware/likewise/lib64/liblsass_auth_provider_local.so' - error 40040 (LW_ERROR_INVALID_AUTH_PROVIDER)
<DATE> Er(27) lwsmd[1050257]: [lsass] Failed to load provider 'lsa-vmdir-provider' from '/usr/lib/vmware/likewise/lib64/liblsass_auth_provider_vmdir.so' - error 40040 (LW_ERROR_INVALID_AUTH_PROVIDER)
<DATE> Er(27) lwsmd[1050257]: [lsass] Failed to open auth provider at path '/usr/lib/vmware/likewise/lib64/liblsass_auth_provider_local.so'
<DATE> Er(27) lwsmd[1050257]: [lsass] Failed to open auth provider at path '/usr/lib/vmware/likewise/lib64/liblsass_auth_provider_vmdir.so'
<DATE> Er(27) lwsmd[1050257]: [lsass] /usr/lib/vmware/likewise/lib64/liblsass_auth_provider_local.so: cannot open shared object file: No such file or directory
<DATE> Er(27) lwsmd[1050257]: [lsass] /usr/lib/vmware/likewise/lib64/liblsass_auth_provider_vmdir.so: cannot open shared object file: No such file or directory
   
<DATE> In(30) lwsmd[1050257]: [lsass] Disabling cell support due to cell-support configuration setting
<DATE> In(30) lwsmd[1050257]: [lsass] Machine Password Sync Thread starting
<DATE> Er(27) lwsmd[1050257]: [lsass] Error: Failed to change machine password for <DOMAIN NAME> (error = 31)
<DATE> In(30) lwsmd[1050257]: [lsass] Delayed backup scheduled
<DATE> Er(27) watchdog-lwsmd[1050543]: '/usr/lib/vmware/likewise/sbin/lwsmd ++securitydom=lwsmdDom --syslog' exited after 31 seconds (quick failure 1) 134
<DATE> In(30) watchdog-lwsmd[1050544]: Executing '/usr/lib/vmware/likewise/sbin/lwsmd ++securitydom=lwsmdDom --syslog'

Environment

ESXi 9.0.2

Cause

lwsmd is crashing after showing an invalid auth provider

Resolution

This is resolved in ESXi 9.1 

Powered by Wolken Software