Environment:
Windows Server 2008 Domain
2 x Windows Server 2008 32bit, vCenter Server 4.0.0 Build 258672
When trying to join the 2nd vCenter Server in Linked Mode to the 1st vCenter Server the errors below are seen.
Storage directory for LDAP instance: C:\Program Files\VMware\Infrastructure\VirtualCenter Server\VMwareVCMSDS
All IP addresses for :127.0.0.1 :
All IP addresses for :DESTINATIONSERVER01.co.uk :
IP: DESTINATIONSERVER01.co.uk/192.168.1.10
Service 'VMware VirtualCenter Management Webservices' is shutdown
Service 'VMware VirtualCenter Server' is shutdown
Verifying local VC linked mode capability
Retrieving local license key from: ldap://127.0.0.1:389/ ldap://[::1]:389/ for VC instance: 6A1905D5-8333-45DD-AD35-A18403214C30
LICENCEKEY
DormantLicenseFilesPath:C:\Program Files\VMware\Infrastructure\VirtualCenter Server\licenses\site
LicenseDLL:C:\Program Files\VMware\Infrastructure\VirtualCenter Server\vmlicense.dll
Verifying remote VC linked mode capability
Retrieving license key from: ldap://DESTINATIONSERVER.co.uk:389/ for remote VC instance: ED5757A9-B003-4D19-B512-B32167AD6644
Key:LICENCEKEY
DormantLicenseFilesPath:C:\Program Files\VMware\Infrastructure\VirtualCenter Server\licenses\site
LicenseDLL:C:\Program Files\VMware\Infrastructure\VirtualCenter Server\vmlicense.dll
All IP addresses for :127.0.0.1 :
All IP addresses for :127.0.0.1 :
All IP addresses for :DESTINATIONSERVER.co.uk :
IP: DESTINATIONSERVER.co.uk/192.168.1.10
All IP addresses for :127.0.0.1 :
All IP addresses for :127.0.0.1 :
Removing directory services instance VMwareVCMSDS
All IP addresses for :DESTINATIONSERVER.co.uk :
IP: DESTINATIONSERVER.co.uk/192.168.1.10
All IP addresses for :DESTINATIONSERVER.co.uk :
IP: DESTINATIONSERVER.co.uk/192.168.1.10
Deleted remote entry under CN=Servers,CN=Default-First-Site-Name,CN=Sites for SOURCESERVER$VMwareVCMSDS
Creating directory services instance VMwareVCMSDS
Base DN = dc=virtualcenter,dc=vmware,dc=int
Storage dir = C:\Program Files\VMware\Infrastructure\VirtualCenter Server\VMwareVCMSDS
Operation "Join instance VMwareVCMSDS" failed: : Action: Join Instance
Action: Join Instance
Action: Create replica instance
Action: Create Instance
Problem: Creation of instance VMwareVCMSDS failed: Active Directory Lightweight Directory Services could not create the NTDS Settings object for this Active Directory Lightweight Directory Services instance CN=NTDS Settings,CN=SOURCESERVER$VMwareVCMSDS,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,CN={97720DD8-4179-4D73-AB0E-10764552AB2A} on the remote AD LDS instance DESTINATIONSERVER01.co.uk:389. Ensure the provided network credentials have sufficient permissions.
Error code: 0x800706be
The remote procedure call failed.
Recovering from failed Operation "Join instance VMwareVCMSDS"
Creating directory services instance VMwareVCMSDS
Base DN = dc=virtualcenter,dc=vmware,dc=int
Storage dir = C:\Program Files\ADAM\VMwareVCMSDS
Hi Timothy,
Welcome to the forums.
It looks to be a credential issue. You can have a look at the Linked Mode Prerequisites to have information about the credentials you need during the installation process.
Hope it helps.
Regards
Franck
Hello Franck,
I have looked at the prerequistes and tested and they all seem to be ok.
+ DSN is fully working
+ Both servers are on the same domain
+ The user that I am using is a domain admin and also local admin on both servers
+ Both servers are using the DC for time and are showing the correct time
Both servers are Windows Server 2008, could there be a problem with different rights required, as 2008 is meant to be more secure?
Many Thanks
Tim
I had a similar problem setting this up and ended up being both Windows firewall and latency between the two vCenters. So this is something you may want to check out.
______________________
If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful.
Just to tie this discussion up. In the end it turned out to be a number of factors causing the issues seen, which I have listed below.
+ vLAN's access / firewall rule
+ DNS due to multiple NICs on different vLAN's
In short the rules were in place to allow the traffic but only from certain IP's to the destinations, and when I looked into it in more detail we could see that it was trying to go out of different NIC's than intended. Also the RPC rule in the firewall was not recognising the traffic as RPC. So I have also limited the RPC range that the server can use via the Microsoft article (http://support.microsoft.com/kb/154596) to narrow the port selection.