We recently set up an complete VM-Ware environment at one of our customers. Initially everything was working fine after set up. Today our customer called in, reporting login issues via Horizon Client.
Issue is due to the vCenter SSO -> Invalid Credentials supplied.
To solve the issue, we tried to (re)join the vCenter to the domain which fails:
Idm client exception: Error trying to join AD, error code 
We also tried to join via CLI. This results in same Error: LW_ERROR_UNKNOWN [code 0x00009cfc]
The active directory tab in SSO configuration screen is showing the correct domain from the initial setup:
But with footnote: "The node has not joined any Active Directory yet"
domainjoin-cli query will also show, that the vCenter is not part of a Domain:
root@gaetckevcapp01 [ ~ ]# /opt/likewise/bin/domainjoin-cli query
Name = gaetckevcapp01
Any ideas on how to fix this issue?
Once you try joining ,Can you verify messages.log to understand the error message.
Please make sure your dns entry is intact within the appliance and name resolution of domain name is possible.
Thanks for your reply,
I checked messages log:
lsassd: 0x7ff69dffb700:ldap_sasl_interactive_bind_s failed with error code -1
lsassd: 0x7ff69dffb700:Unable to map ldap error 40286
lsassd: 0x7ff69dffb700:Failed to run provider specific request (request code = 8, provider = 'lsa-activedirectory-provider') -> error = 40188, symbol = LW_ERROR_UNKNOWN, client pid = 1466
But that's nothing I'm familiar with
I got it fixed. I assume that some old DNS entries were messing up the authentication with the DC.
I ended up removing all IP addresses from DNS database which are not related to the current local network. (remnants from transition old to new sever ...)
After that, the domain joining worked fine.