Hi,
I've read a lot about numerous customers having issues with AD authentication on ESXi 6 Update 2.
These issues are documented here and in a number of threads on these forums.
http://www.v-front.de/2016/06/active-directory-issues-with-esxi-60.html
I was hoping patch release ESXi6-2016080001 which specifically mentions some AD authentication issues would fix the problems. It appears this is not the case. I am able to get AD authentication working perfectly for a time, however reboots of the ESXi hosts running this latest version cause AD authentication to start failing with the /var/log/auth.log reporting
pam_succeed_if(sshd_auth) : error retrieving information about user
When using the powershell cmdlet Get-VMHostAuthentication the following is reported...
DomainMembershipStatus: NoServers
Its as if the trust relationship with the domain fails after usual operations such as host reboots etc. Attempts to leave the domain, fail completely and timeout, whether using the vSphere client or powershell. Sometimes these attempts result in the host itself becoming unmanageable.
It appears domain authentication for ESXi6 Update 2 and later is completely unusable in its current state. My only fix for these issues has been a rebuild of the ESXi host completely after deleting the computer object from AD and then rejoining it.
