book
Article ID: 310484
calendar_today
Updated On:
Environment
VMware vCenter Server 4.1.x
VMware vCenter Server 5.0.x
VMware vCenter Server 4.0.x
VMware vCenter Server 5.5.x
VMware vCenter Server 5.1.x
Resolution
This issue is resolved in:
- VMware vCenter Server 4.1 Update 3 released August 30, 2012,
- VMware vCenter Server 5.0 Update 2 released December 20, 2012
- VMware vCenter Server 5.1 Update 1a released May 22, 2013
For further information, see the following:
To download the latest vCenter Server release, see the VMware Download Center.
This issue occurs if ADWS is unable to read the ports that AD LDS is configured to use for LDAP and Secure LDAP (SSL) services.
ADWS reads these registry entries to check for the configuration settings:
Key: HKLM\SYSTEM\CurrentControlSet\Services\<ADAM_INSTANCE_NAME>\Parameters
Value: Port LDAP
Type: REG_DWORD
Data: 1 – 65535 (default: 389)
Key: HKLM\SYSTEM\CurrentControlSet\Services\<ADAM_INSTANCE_NAME>\Parameters
Value: Port SSL
Type: REG_DWORD
Data: 1 – 65535 (default: 636)
To resolve this issue: - Verify that the above registry keys exist and have appropriate values.
- Ensure that the NT AUTHORITY\SYSTEM account has permission to read the values.
- Verify that ADWS runs under the Local System account.
- Ensure that the HKLM\System\CurrentControlSet\Services\<ADAM_INSTANCE_NAME>\Parameters\Port SSL
key is of type REG_DWORD. If the value is REG_SZ, you must delete it and create a new REG_DWORD with the value 636 (decimal). - Ensure that the Domain Controller LDAP server signing (HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters\LDAPServerIntegrity) is disabled (set to 1). For more information about LDAP signing, see Microsoft KB935834.