VMware Cloud Community
malhi_o
Enthusiast
Enthusiast

error code [40320] KB: 2134063

Hi,

Have anyone come cross this error and solved ? This error appear when  Iam joining vCetner appliance 6 to AD

KB 2134063 Currently, there is no resolution. and work around is enable the SMBv1.0 which not solution in this case , the Client decline the request.

Any tips


The "Join active directory" operation failed for the entity with the following error message. Idm client exception: Error trying to join AD, error code [40320], user [userx], domain [xxx.local], orgUnit [Ou=xx.local/Ser/pro/total]

Reply
0 Kudos
4 Replies
PCTechStream
Hot Shot
Hot Shot

Make sure your inputs are correct: ((POSSIBLE TROUBLESHOOTING OPTIONS))

1. The credential got rights to join the domain "The account you are using to join the domain is a domain admin account"

2 . Check User Principal Name (UPN) "It Might be turned out to be incorrect UPN"

3. Verify the OU location "The OU format you input is valid"

4. NetBIOS name "Check if your NetBIOS Domain name contain CAP/lowercase letters"

5. Check identity source "Active Directory (Integrated Windows Authentication)" or 'Active Directory as an LDAP Server'

Note:

A. Try to reboot the appliance and let it sit for a while

B. Try 'Active Directory as an LDAP Server' -. to add an AD domain as an identity source

6. Check the time "time sync issue bet hosts/appliance & AD DC"

7. Try PowerCLI to join the domain LINK: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=21185...

8. Check DNS beforehand "Create the A / PTR record for VCSA"

9. Check AD DC "Verify that smb1 feature was installed on the domain controllers ROLE"

10. Try to use vSphere Web Client to join AD DC "System Configuration >> Manage >> Active Directory"

Raul.

VMware VDI Administrator

http://ITCloudStream.com/

www.ITSA.Cloud
Reply
0 Kudos
RajeevVCP4
Expert
Expert

Try this Kb , I followed same in my environment.

"Error trying to join AD, error code [40705]" when connecting vCenter Server Appliance to an Active ...

Rajeev Chauhan
VCIX-DCV6.5/VSAN/VXRAIL
Please mark help full or correct if my answer is use full for you
Reply
0 Kudos
malhi_o
Enthusiast
Enthusiast

Thanks Raul,

The service account I am using  has read only permission on the domain. Must be a domain admin?

Reply
0 Kudos
PCTechStream
Hot Shot
Hot Shot

If this is a lab, try the domain admin account "Built-in account for administering the computer/domain" not recommend it for production but if that works then you already know that you have a credential's issue. Also try this link:

Fighting with Windows 2012 R2 Directory Services, NETBIOS naming, vCenter 6.0 SSO on VCSA | mattwhit...

Raul.

www.ITSA.Cloud
Reply
0 Kudos