VMware Cloud Community
Rex_Chen
Contributor
Contributor
‎09-17-2021 05:57 PM

ESXi 7.0 Update 3a lost user group on every reboot

Hi,

I created a new User and a custom Roles, then add the permission for it also click the "Add as group".

After reboot the ESXi host, I find this user do not have any permission , while I try to delete its permission in Manage permission and re-add it , it shows : vim.fault.UserNotFound . I was confused.. So i check the /etc/group find the user group which I created before reboot is missing. So I check the Role, it's still there

So It stacks here : The user did not have the right permisson because its' group is missing is the system. Can not Remove the User / Role / Permission because hey are bound.

Finally I use CLI command to add the user group :/usr/lib/vmware/busybox/bin/busybox addgroup NAME , then I can delete the delete its permission in Manage permission ,  I also need to do it again : add the permission for it also click the "Add as group" and everyting back to normal..

Is it a bug? if so I'd like to report it.

BTW, I try to find some CLI command wants to add to the local.sh to solve the problem but found nothing.

Thanks

0 Kudos
4 Replies
a_p_
Leadership
Leadership
‎09-18-2021 03:08 AM

Looks like a bug to me, i.e. the "Add as group" option shouldn't be available, nor create a /etc/group entry.
Unless I missed something, support for local groups has been removed as of ESXi 5.1.

André

PS: Just found https://kb.vmware.com/s/article/2050764

 

0 Kudos
Rex_Chen
Contributor
Contributor
‎10-29-2021 01:28 AM

Still found the bug in U3a

0 Kudos
marcferiat
Contributor
Contributor
‎05-17-2023 07:42 AM

Senhores!

Preciso de um comando que pelo putty via ssh consiga tirar do dominio. Tenho um esxi que esta com o mesmo problema mencionado acima mais não consigo nem retirar do dominio e nem alterar ou reirar os grupos que estão lá adicionado.

Poderiam me passar os comandos para retirar o servidor do dominio pelo putty?

Tags (1)
0 Kudos
wisecorteletti
Contributor
Contributor
‎08-24-2023 02:14 AM

Step 1: Begin by logging into v-Center or ESXI host client. Then, proceed to enable SSH and disable the lockdown mode for the specific ESXi server.

Step 2: With the initial setup completed, you can now utilize your preferred tool for SSH access to the server. For instance, you can use a tool like Putty in Windows or terminal in linux.

Step 3: Access the ESXi server by logging in with your root ID. It might be necessary to enable direct root login if it's not already activated. This can be achieved through the ESXi Login by logging in as root and enabling direct root login.

Step 4. Start lwsmd Service

# /etc/init.d/lwsmd start

Step  5. Make lwsmd Service Persistent across reboot

# chkconfig lwsmd on

Step 6. Join ESXi host into AD Domain using domainjoin-cli command

#/usr/lib/vmware/likewise/bin/domainjoin-cli join <DOMAIN> <ID>

Please ensure that executing this command will result in a SUCCESS status. This will happen only if your ID possesses the necessary privileges to both add and remove objects within the domain controller.

Remember, the domain must be typed in capital letters example:
DOMAIN.INTRANET and correct dns configuration.

That concludes the process of joining the ESXi host to the AD domain via CLI. I trust you will discover this information to be valuable

0 Kudos