VMware Cloud Community
Prabasi
Enthusiast

Domain Account locking constantly on vCenter Server

Hello,

Running vCenter Server Appliance 6.5

This morning I changed the vCenter SSO Identity Source from Active Directory as an LDAP Server to Active Directory (Integrated Windows Authentication) using the machine account, for security reasons. One of the AD user accounts is getting locked out like every 2 seconds. The user account getting locked was managing the VMware environment before I came aboard. All other AD user accounts added to the vCenter are working fine.

On the Domain Controller, the source of the machine that is getting the account locked is the vCenter server with its IP address. I am stuck on what to look for and what in vCenter is causing this lockout.

Appreciate your help on this issue.

Thanks,

0 Kudos
4 Replies
sjesse
Leadership

Is it still happening? Because I wonder if you have a replication issue if it's still just one. AD as LDAP connects to one AD; AD integrated authentication can hit any domain controller, so they could be hitting any controller. If for some reason they aren't on the DC they would get denied. You would have to comb through the logs on the DC controllers. I've seen scripts run as users against vCenter that cause this, and the logs have helped in the past.

0 Kudos
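One way to comb the DC logs as suggested in the reply above, shown as an added example that is not part of the original thread. It assumes the ActiveDirectory PowerShell module and read access to the Security log on every DC; `locked.user` and the 4-hour window are placeholders. Because Integrated Windows Authentication can land on any domain controller, it queries all of them.

```powershell
# Added example, not from the thread. $Account is a placeholder sAMAccountName.
param(
    [string]$Account   = 'locked.user',
    [int]   $HoursBack = 4
)

Import-Module ActiveDirectory

# 4740 = account locked out
# 4771 = Kerberos pre-authentication failed
# 4776 = DC attempted to validate credentials (NTLM)
$filter = @{
    LogName   = 'Security'
    Id        = 4740, 4771, 4776
    StartTime = (Get-Date).AddHours(-$HoursBack)
}
$userPattern = '^' + [regex]::Escape($Account) + '(@|$)'

$hits = foreach ($dc in (Get-ADDomainController -Filter *).HostName) {
    try {
        $events = Get-WinEvent -ComputerName $dc -FilterHashtable $filter -ErrorAction Stop
    } catch {
        # Also raised when a DC simply has no matching events in the window
        Write-Warning "${dc}: $($_.Exception.Message)"
        continue
    }
    foreach ($e in $events) {
        # Read EventData by field name instead of relying on positional indexes
        $d = @{}
        foreach ($n in ([xml]$e.ToXml()).Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
        if ($d['TargetUserName'] -notmatch $userPattern) { continue }
        $source = switch ($e.Id) {
            4740 { $d['TargetDomainName'] }   # caller computer name in 4740
            4771 { $d['IpAddress'] }          # client address of the failed request
            4776 { $d['Workstation'] }        # source workstation for NTLM
        }
        [pscustomobject]@{
            Time = $e.TimeCreated; DC = $dc; EventId = $e.Id
            Source = $source; Status = $d['Status']
        }
    }
}

# Timeline first, then a count per DC / event type / source
$hits | Sort-Object Time | Format-Table -AutoSize
$hits | Group-Object DC, EventId, Source | Sort-Object Count -Descending |
    Select-Object Count, Name
```

The 4771 and 4776 rows show whether the failing attempts are Kerberos or NTLM and carry the failure status code, which the 4740 lockout event alone does not.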
Prabasi
Enthusiast

Definitely, this is not an AD replication issue as my environment is single site with a couple of DCs. Also it has been almost a day since this issue started and still the account is getting locked every two or three seconds even when the user is not using the account. I even shut down his workstation for a period of time and still during this time the account keeps locking up. It is showing the account lockout is coming from vCenter.

There is nothing logged on vCenter->Monitor->Events. Is there any log on vCenter which will provide me a clue?

Thanks,

0 Kudos
VipalGujrathi
Contributor

I suggest removing the PSC/VCSA from the domain and re-joining them. After migrating to 6.5 I have seen issues where users can't log in to vCenter with an AD account or face the issue which you described.

Removing from the domain and re-joining should work.

0 Kudos
Prabasi
Enthusiast
Accepted Solution

Removed from the domain and re-joined multiple times, which did not fix the issue. I had to install a new vCSA, reconfigure it and shut down the old appliance, which was the only solution. Support even could not fix it.

0 Kudos