Actions performed against AD fail after upgrading to ESXi 6.0 Update 2
Article ID: 334485
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
Symptoms:
After upgrading to ESXi 6.0 Update 2 and joining the ESXi host to a domain, running these operations fail:
After upgrading to ESXi 6.0 Update 2 and joining the ESXi host to a domain, running these operations fail:
- Generating an ESXi log bundle.
- Assigning permissions to AD groups or users.
- Signing in to the host with AD credentials through the vSphere Client, vSphere Web Client, SSH or DCUI.
Environment
VMware vSphere ESXi 6.0
Cause
This issue occurs due to a change in ESXi 6.0 Update 2 that sets the sasl max buffer size to 4096 to prevent Likewise from consuming more memory.
Resolution
This is a known issue affecting ESXi 6.0 Update 2.
This issue is resolved in ESXi 6.0 Update 2 Patch 3. For more information, see VMware ESXi 6.0, Patch Release ESXi600-201608001 (2145663)
To work around this issue if you do not want to upgrade, increase the sasl buffer size by editing the /etc/likewise/openldap/ldap.conf file on each affected ESXi host.
Note: This work around does not persist across reboots.
To increase the sasl buffer size:
- Connect to the ESXi host with an SSH session using root credentials.
Note: If the host is not accessible through SSH, a reboot may be required.
- Run these commands to change the maximum memory allocated to the Likewise service:
- /etc/init.d/lwsmd stop && sed -i "s@4096@8192@" /etc/likewise/openldap/ldap.conf && /etc/init.d/lwsmd start
- vsish -e set /sched/groups/$(vsish -e set /sched/groupPathNameToID host vim
vmvisor likewise | cut -d ' ' -f 1)/increaseMemMinMaxInMB max=200
- /etc/init.d/lwsmd stop && sed -i "s@4096@8192@" /etc/likewise/openldap/ldap.conf && /etc/init.d/lwsmd start
Additional Information
Feedback
Yes
No
Powered by
