mathewdsa
Enthusiast
Enthusiast

App Volumes Active Directory error mesages

Our App Volumes manager has many system messages going back several days about failure to connect to AD.
Users are still getting attached writable and we can search users to assign new writable volumes.
The AD account is also used by a different App Vol manager for a second site but same AD domain. That App Vol manager does not have the messages.
Both managers serve VDI Horizon users via individual vcenters.
We need to resolve the AD connection messages on the App Vol manager that has this message.

0 Kudos
4 Replies
Mickeybyte
Hot Shot
Hot Shot

@mathewdsa 

Could you give an example of those error messages? 

I remember seeing messages like "invalid credentials" showing up in the log after setting up LDAPS or LDAP over TLS instead of LDAP (insecure) I think in the AD configuration in AppVolumes.

 

Regards,
Mickeybyte

If you found this comment useful or an answer to your question, please mark as 'Solved' and/or click the 'Kudos' button, please ask follow-up questions if you have any
0 Kudos
mathewdsa
Enthusiast
Enthusiast

I'm seeing things like:

  • Unable to connect to Active Directory 
  • No connected adapter was found
  • Active Directory error:A connection attempt failed because the connected party did not properly respond after a period of time, xxx-user specified timeout. 

 

0 Kudos
Mickeybyte
Hot Shot
Hot Shot

@mathewdsa 

That's not what I've seen before when using LDAPS. There must be a different cause for those errors. 

Please compare the AD configuration between both sites to see if you can find any difference. Also re-enter the password for the AD bind account. 

Guessing from the errors, also check if the AppVolumes managers have access to the AD servers (firewalls?).

 

Regards,
Mickeybyte

If you found this comment useful or an answer to your question, please mark as 'Solved' and/or click the 'Kudos' button, please ask follow-up questions if you have any
mathewdsa
Enthusiast
Enthusiast

We were given a KB to follow to disable NTLM:

Disable Microsoft Windows NTLM Authentication (vmware.com)

Now under observation.