Hello,
I'm trying to add a domain to my vRA environment.
However when doing that I get the error => Could not join domain: Error occurred while joining domain. Verify Domain Admin username and password is correct, and the username is the sAMAccountName. Failed to join domain. Error Code: ERROR_BAD_FORMAT. Message:
I'm sure the userids are correct.
I can resolve the domain on my appliances and there isn't a firewall in between.
I've found the same issue here in the community but there wasn't any feedback on how it was solved (Vrealize 7.0 integration with Active directory )
Anybody has some ideas on how to solve it?
Please show some screenshots of what you're doing, where, and how.
Sorry about that.
Logging on with the configurationadmin on the default tenant I go to Administration => Directories Management => Directories.
There I want to add AD over LDAP/IWA
But it gives me this error.
The config I'm doing is like this.
Choose LDAP instead to verify your credentials actually work. Whenever I see the message you show, it's almost always due to either bad credentials or incorrect way of specifying them.
Do you mean
Or do you mean
"Active Directory over LDAP" radio button.
That worked
Ok so it's probably your domain admin credentials that are the issue (suggested by the error message).
I'll check.
Problem is that I'm not part of the AD team so they can't tell me the password. Also a service account with temporary domain admin rights is not allowed.
On top of that we have different keyboards so let me see how I can do that differently.
Keep you posted.
Ok so I asked him to start an RDP session to a server in the same domain.
Keyboard settings are ok.
We connected again to the default tenant but still no luck.
We still receive the same error message.
I just checked the /var/log/vmware/horizon/connecter.log
The OU format is invalid? I'm not specifying any OU.
Does the domain admin account you're using give you privileges to put computer objects in the default OU?
What is the compatibility level of the appliance? What is the functional level of your AD?
Hello,
Not sure what you mean with "compatibility level of the appliance"
Functional level of AD is 2012 R2
I have found this article that matches my connecter.log entry VMware Knowledge Base
But I don't understand what they mean with the workaround "Setting NetBIOS name to all uppercase characters"
Change the host name of the appliance to all uppercase and then leave and rejoin the domain. The comparability level is the virtual hardware level of the appliance. I have come across issues where if a vCenter server had the most up to date virtual hardware would not be able to query AD for user and groups.
Ok the reason why I'm having this issue is because the netbios of my domain is lowercase.
So I'll need to create the necessary changes to change this to uppercase as this is a production environment.
NetBIOS names should *always* be upper-case, and not just for issues like this.
I know this is a VMware forum, but is there any documentation out there I can show my AD guys? Because for the moment they are not really convinced of changing this only for my vRA install.
You'd probably have to open a case with GSS.
Maybe the AD server have the problem !you coud make the updated package .