ActiveDirectoryCleanupPlugin

BGATOS · ‎03-16-2015

hi Guys,

I am currently testing out the plugin.admachinecleanup.xxx inbuild vRA 6.2.0 plugins. I can see that my new VMs have this property correctly assigned, however when i destroy a machine, the machine remains in AD. A userid with appropriate credentials is specified in the build profile and i have set plugin.admachinecleanup.delete to true. The machine is added to the domain using the customisation spec in the vsphere client

I cannot see any errors or logs to suggest why this is not happening and i have been unable to find any docs to suggest what process should take place here.

Has anyone else seen this and am i missing something simple?

SkyCoop · ‎03-16-2015

Can you put a screen shot of all the properties you have configured for the AD Cleanup Plugin? I believe the workflow occurs on the DEM worker, can the DEM worker access your domain controller(s)?

NuggetGTR · ‎03-16-2015

Yeah this is poorly documented.

I have come across the same issue specifically when dealing with multiple domains.

Ports:

3268 and 3269 (Global Catalog ports)

88 (kerberos)

I also usually get the LDAP ports opened as well but the above 2 where added when computer objects where failing to delete.

Source:

Server which is hosting the vCAC iaas manager service. (Most would think its the dem worker but this is not the case for the vcac AD cleanup plugin)

Dest:

to the domain controllers of the domain your trying to remove the machine from.

on the iaas manager server the all.log would contain small errors about unable to connect and delete the object

Cheers

________________________________________ Blog: http://virtualiseme.net.au VCDX #201 Author of Mastering vRealize Operations Manager

BGATOS · ‎03-17-2015

Thanks NuggetGTR, i will check this out and let you know. Thanks

All

ActiveDirectoryCleanupPlugin