VMware Cloud Community
kristofasaert
Contributor
Contributor

vRealize 7.4 - AD integration fails ERROR_BAD_FORMAT

Hello,

I'm trying to add a domain to my vRA environment.

However when doing that I get the error => Could not join domain: Error occurred while joining domain. Verify Domain Admin username and password is correct, and the username is the sAMAccountName. Failed to join domain. Error Code: ERROR_BAD_FORMAT. Message:

I'm sure the userids are correct.
I can resolve the domain on my appliances and there isn't a firewall in between.

I've found the same issue here in the community but there wasn't any feedback on how it was solved (Vrealize 7.0 integration with Active directory )

Anybody has some ideas on how to solve it?

Reply
0 Kudos
23 Replies
daphnissov
Immortal
Immortal

Please show some screenshots of what you're doing, where, and how.

Reply
0 Kudos
kristofasaert
Contributor
Contributor

Sorry about that.

Logging on with the configurationadmin on the default tenant I go to Administration => Directories Management => Directories.

There I want to add AD over LDAP/IWA

But it gives me this error.

2019-09-18_12-09-30.png

The config I'm doing is like this.

2019-08-21_14-33-32.png

Reply
0 Kudos
daphnissov
Immortal
Immortal

Choose LDAP instead to verify your credentials actually work. Whenever I see the message you show, it's almost always due to either bad credentials or incorrect way of specifying them.

Reply
0 Kudos
kristofasaert
Contributor
Contributor

Do you mean

2019-09-18_14-17-16.png

Or do you mean

2019-09-18_14-17-53.png

Reply
0 Kudos
daphnissov
Immortal
Immortal

"Active Directory over LDAP" radio button.

Reply
0 Kudos
kristofasaert
Contributor
Contributor

That worked

2019-09-18_14-26-06.png

Reply
0 Kudos
daphnissov
Immortal
Immortal

Ok so it's probably your domain admin credentials that are the issue (suggested by the error message).

Reply
0 Kudos
kristofasaert
Contributor
Contributor

I'll check.

Problem is that I'm not part of the AD team so they can't tell me the password. Also a service account with temporary domain admin rights is not allowed.

On top of that we have different keyboards so let me see how I can do that differently.

Keep you posted.

Reply
0 Kudos
kristofasaert
Contributor
Contributor

Ok so I asked him to start an RDP session to a server in the same domain.

Keyboard settings are ok.

We connected again to the default tenant but still no luck.

We still receive the same error message.

I just checked the /var/log/vmware/horizon/connecter.log

The OU format is invalid? I'm not specifying any OU.

2019-09-18_15-49-27.png

Reply
0 Kudos
daphnissov
Immortal
Immortal

Does the domain admin account you're using give you privileges to put computer objects in the default OU?

Reply
0 Kudos
sbeaver
Leadership
Leadership

What is the compatibility level of the appliance? What is the functional level of your AD?

Steve Beaver
VMware Communities User Moderator
VMware vExpert 2009 - 2020
VMware NSX vExpert - 2019 - 2020
====
Co-Author of "VMware ESX Essentials in the Virtual Data Center"
(ISBN:1420070274) from Auerbach
Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/]
Come follow me on twitter http://www.twitter.com/sbeaver

**The Cloud is a journey, not a project.**
Reply
0 Kudos
kristofasaert
Contributor
Contributor

Hello,

Not sure what you mean with "compatibility level of the appliance"

Functional level of AD is 2012 R2

Reply
0 Kudos
kristofasaert
Contributor
Contributor

I have found this article that matches my connecter.log entry VMware Knowledge Base

But I don't understand what they mean with the workaround "Setting NetBIOS name to all uppercase characters"

Reply
0 Kudos
sbeaver
Leadership
Leadership

Change the host name of the appliance to all uppercase and then leave and rejoin the domain.  The comparability level is the virtual hardware level of the appliance.  I have come across issues where if a vCenter server had the most up to date virtual hardware would not be able to query AD for user and groups.

Steve Beaver
VMware Communities User Moderator
VMware vExpert 2009 - 2020
VMware NSX vExpert - 2019 - 2020
====
Co-Author of "VMware ESX Essentials in the Virtual Data Center"
(ISBN:1420070274) from Auerbach
Come check out my blog: [www.virtualizationpractice.com/blog|http://www.virtualizationpractice.com/blog/]
Come follow me on twitter http://www.twitter.com/sbeaver

**The Cloud is a journey, not a project.**
Reply
0 Kudos
kristofasaert
Contributor
Contributor

Ok the reason why I'm having this issue is because the netbios of my domain is lowercase.

So I'll need to create the necessary changes to change this to uppercase as this is a production environment.

2019-09-19_14-03-40.png

2019-09-19_14-03-54.png

Reply
0 Kudos
daphnissov
Immortal
Immortal

NetBIOS names should *always* be upper-case, and not just for issues like this.

Reply
0 Kudos
kristofasaert
Contributor
Contributor

I know this is a VMware forum, but is there any documentation out there I can show my AD guys? Because for the moment they are not really convinced of changing this only for my vRA install.

Reply
0 Kudos
daphnissov
Immortal
Immortal

You'd probably have to open a case with GSS.

Reply
0 Kudos
JunMinHuang388
VMware Employee
VMware Employee

Maybe the AD server have the problem !you coud make the updated package .

Reply
0 Kudos