VMware Cloud Community
jgaleano
Enthusiast
Enthusiast
Jump to solution

Error Gen Failure Join VCSA 5.5 - 6.0 to a domain

Hi Guys

Currently i have a big problem trying to join a VCSA 5.5 and 6.0 to a domain it always get the same error, i double checked the DNS, name resolution, netbios and NTP with everithing working well, here is the output.

darth:~ # /opt/likewise/bin/domainjoin-cli join presidencia.int Administrador

Joining to AD Domain:   presidencia.int

With Computer DNS Name: darth.presidencia.int

Administrador@PRESIDENCIA.INT's password:

Error: ERROR_GEN_FAILURE [code 0x0000001f]

I'm currently out of ideas, already cheked the win 2012R2 domain netbios issue and does not apply in this case the netbios name of the domain is the same.

The error didnt help so mucho to find out what happen.

have any ideas i will appreciate.

Best Regards

Julian

Tags (3)
1 Solution

Accepted Solutions
AveryFreeman
Enthusiast
Enthusiast
Jump to solution

I was having the GEN_FAILURE code 0x0000001f problem too, so I skeptically installed SMB1, and it worked!

I'm a little perplexed, though.  Why does something as modern as ESXi require SMB1 to function properly in an AD environment?

SMB1 has serious security issues - a vulnerability found in it was the exploitation responsible for the WannaCry virus that took down huge swaths of the UK health ministry, etc. so needless to say, I usually turn it off.

edit:  I found a reddit thread with instructions on how to enable SMB2 in ESXi and VCSA:

https://www.reddit.com/r/vmware/comments/6biy08/wannacry_smb1_and_vsphere_products/

View solution in original post

Reply
0 Kudos
4 Replies
Andre_P_Claus
Contributor
Contributor
Jump to solution

Hi Julian,

Any update on this issue? I have exactly the same problem with Windows 2003 AD (I know, I know). The funny thing is that it worked and was stable for a week. I tried to add a new AD user to a role in vCenter6 and I lost all AD information. I tried to re join vCenter6 and then I kept getting the error message. Have you tried it through the vCenter webpage? That didn't work for me either.

I have requested support on this issue and will post any updates/solutions in this section.

Regards,

André

Reply
0 Kudos
Andre_P_Claus
Contributor
Contributor
Jump to solution

Julian, we fixed the problem by running the following command from the shell:

service-control-start-all

After this command I was able to join vCenter into the domain. Don't forget to restart after you have joined and you might not get the message 'joined successful' or something similar.

Hope this helps

André

Reply
0 Kudos
sathyay2k
Contributor
Contributor
Jump to solution

Unable to add the vcsa appliance to the domain.

When we try to add the domain we will be getting the following error on the appliance.

/opt/likewise/bin/domainjoin-cli join domain user

Error: ERROR_GEN_FAILURE [code 0x0000001f]

Solution

verify  the SMB version 1 service driver by making the following registry changes on Domain Controllers:

Navigate to the following registry location:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer

Change  the value for DependOnService from "SamSS Srv2" to "SamSS Srv". After this reboot the Domain Controllers to make them use the compatible settings.

AveryFreeman
Enthusiast
Enthusiast
Jump to solution

I was having the GEN_FAILURE code 0x0000001f problem too, so I skeptically installed SMB1, and it worked!

I'm a little perplexed, though.  Why does something as modern as ESXi require SMB1 to function properly in an AD environment?

SMB1 has serious security issues - a vulnerability found in it was the exploitation responsible for the WannaCry virus that took down huge swaths of the UK health ministry, etc. so needless to say, I usually turn it off.

edit:  I found a reddit thread with instructions on how to enable SMB2 in ESXi and VCSA:

https://www.reddit.com/r/vmware/comments/6biy08/wannacry_smb1_and_vsphere_products/

Reply
0 Kudos