Re: Domain Join Error

scolombo · ‎07-12-2023

I'm trying to join a Vcenter 8.01 to an AD domain but I get this error

idm client exception: Error trying to join AD, error code [40121],

anyone had found a fix for this ?

BivasM · ‎07-12-2023

can you resolve the domain name from vcenter shell?

next place to look is the AD user you are using to join the domain, does that user have permission to join domain?

Sachchidanand · ‎07-12-2023

Are you using your domain controller's DNS on the vCenter?

It's the most comman cause for not joining to the DC

Regards,

Sachchidanand

scolombo · ‎07-12-2023

Hi all,

The problem with the error was a networking issue that we fixed but still we have something strange happening.

Now we're able to join, apparently, the vcenter to the domain:

- we see the Vcenter's computer object created in the AD

- we see the following in the vcenter

however after the required reboot, but even after a browser refresh, the situation gets back as we didn't do the join

wrinks76 · ‎12-14-2023

Also having this issue.

When I try from the command line I get this error:

/opt/likewise/bin/domainjoin-cli join domain.local user.name <password>
Joining to AD Domain: domain.local
With Computer DNS Name: USAVCENTER02.domain.local

Error: LW_ERROR_DOMAIN_IS_OFFLINE [code 0x00009cb9]

Sachchidanand · ‎12-14-2023

Please check the connectivity to AD from vCenter. Also check all the required ports should be open (both udp and tcp)

Port 88 - Kerberos authentication
Port 123 – NTP
Port 135 - RPC
Port 137 - NetBIOS Name Service
Port 139 - NetBIOS Session Service (SMB)
Port 389 - LDAP
Port 445 - Microsoft-DS Active Directory, Windows shares (SMB over TCP)
Port 464 - Kerberos - change/password changes
Port 3268- Global Catalog search

Regards,

Sachchidanand

All

Domain Join Error